Report: While Hackers Eye Small Businesses, Ransomware Attacks Decline

A new cyber trends mid-year report released by cyber insurer Coalition suggests that while small businesses continue to be targeted, overall incidents are down and ransomware attacks are declining as demands go unpaid.

During the first half of 2022, the average cost of a claim for a small business owner increased to $139,000, which is 58% higher than levels during the first half of 2021, according to the latest update to the Coalition’s 2022 Cyber Claims Report.

“Across industries, we continue to see high-profile attacks targeting organizations with weak or exposed infrastructure — which has become exacerbated by today’s remote working culture and companies’ dependence on third-party vendors,” said Catherine Lyle, Coalition’s Head of Claims. “Small businesses are especially vulnerable because they often lack resources. For these businesses, avoiding downtime and disruption is essential.”

Phishing continues to be the top means cyber criminals use to infiltrate a business, according to the cyber trends mid-year report.

To produce the report, Coalition analyzed claims data from more the 160,000 organizations it insures for the first half of 2022.

Both Coalition and the broader insurance industry observed a decrease in ransomware attack frequency and the amount of ransom demanded between the second half of 2021 and the first half of 2022. Ransomware demands decreased from $1.37M in H2 2021 to $896,000 in H1 2022.

The cyber insurer’s policyholders experienced 50% fewer claims compared to the broader market. The severity of these claims has also declined, with 45% of incidents resolved at no cost.

“Organizations are increasingly aware of the threat ransomware poses. They have started to implement controls such as offline data backups that allow them to refuse to pay the ransom and restore operations through other means,” said Chris Hendricks, Coalition’s Head of Incident Response. “As ransomware is on the decline, attackers are turning to reliable methods. Phishing, for example, has skyrocketed – and only continues to grow.”

Other key findings:
● Phishing triggers the majority of cyber incidents, accounting for 57.9% of reported claims,
● Cyber gangs have built a thriving business,
● Funds transfer fraud (FTF) claims have held steady thanks to phishing, and
● Microsoft Exchange has become the vulnerability that persists.

The data in this report is an aggregation of claims and incident data, including the highest profile claim events and cyber attacks that continue to pose risks to all businesses.