• by Ray Schultz , September 11, 2020

Businesses hit by ransomware and other forms of attack are filing claims at a frantic pace, according to the 2020 Cyber Insurance Claims Report, a study by insurance provider Coalition. And email is the main vehicle for malicious messaging. 

The leading types of attack are:

• Ransomware — 41%
• Funds Transfer Loss — 27%
• Business Email Compromise (BEC) — 19%

These forms of attack accounted for 87% of reported incidents and 84% in the first half of 2020. 

In addition, BEC attacks have increased in frequency by 67%. 

The BEC claims by industry are:

• Financial services — 32%
• Professional services — 23%
• Consumer discretionary — 13%
• Healthcare —10%
• Real estate — 10%

The leading attack techniques are:

• Email phishing — 54%
• Remote access — 29%
• Other social engineering — 6%
• Third-party compromise  —3%
• Brute force (authentication) — 3%
• Other — 3%

Firms that utilize Microsoft Office 365 are 3.2 times more likely to be hit with a BEC attack than Google Gmail users, the study says. 

Since the pandemic started, Coalition has seen a 35% in funds transfer fraud and social engineering claims, with losses ranging from the low thousands to $1 million per event. 

Moreover, ransomware attacks have increased in severity by 47% on top of a 100% increase from 2019 to first-quarter 2020.

The industries most hit by ransomware are:

• Consumer discretionary — 28%
• Professional services — 16%
• Healthcare — 12%
• Financial services — 9%
• Information technology — 8%

Larger companies — those with revenues of $100 million to $250 million — were five times more likely to get hit. 

However, even smaller firms — those with revenues under $10 million — were likely to suffer six-figure losses. 

“We’re in a heightened state of cyber vulnerability: human errors are more likely to be made remotely, new technology is being deployed on a daily basis to support remote work setups, and cybercriminals are taking advantage,” states Joshua Motta, CEO and co-founder of Coalition.