Cyber ​​attacks 2024: BEC & FTF dominate insurance claims!

Cyber ​​attacks 2024: BEC & FTF dominate insurance claims!

The Coalition's latest Cyber ​​Claims Report shows alarming trends in cyber insurance claims for 2024. Like the report on the website datensicherheit.de reports, 60% of claims result from Business Email Compromise (BEC) attacks and 29% result from Funds Transfer Fraud (FTF) attacks. These two forms of fraud are the driving forces behind the economic damage that is currently affecting companies.

Dr. Martin J. Krämer from KnowBe4 emphasizes the urgent need to increase employee security awareness, as BEC and FTF attacks are often based on phishing techniques. The average damage from BEC attacks increased by 23% to around 31,000 euros in 2024. In comparison, FTF attacks have declined by 2%, with the average loss reduced by 46% after reaching an all-time high in 2023.

Risks for companies

The analysis shows that companies with low cybersecurity awareness are particularly at risk. To counteract this, the report recommends training to educate people about attack strategies and the use of modern phishing simulations. Traditional training is no longer sufficient as attackers become more and more professional.

Like the data on infosecurity-magazine.com show, email-based fraud cases will already account for 53% of insurance claims in 2023. This statistic shows that BEC and FTF attacks combined account for 28% of the total claims. Additionally, FTF claims increased 15% year-over-year, with the total amount increasing 24%, resulting in an average loss of over $278,000.

Further insights

Although BEC claims increased by 5%, average claim amounts fell by 15%. Ransomware also remains a challenge as this type of attack increased by 15% in frequency, while the average loss rose to over $263,000.

The 2023 data also shows that the overall frequency of claims increased by 13%, while losses increased by 10% to an average of $100,000 per claim. Larger companies with revenues between $25 million and $100 million saw the most significant increase in claim frequency of 32%.

A worrying trend is the increase in attacks on organizations using vulnerable devices. For example, policyholders with internet-exposed Cisco ASA devices were five times more likely to experience a claim. Companies that use exposed Fortinet devices or Internet-exposed Remote Desktop Protocol are also vulnerable to increased risk.

In summary, organizations urgently need to strengthen their cybersecurity policies and training to effectively address the growing threats of BEC and FTF attacks, as well as ransomware.