Reading Time: .
Digital extortion evolves into a cyber pandemic
In its latest situation report, the German Federal Office for Information Security (BSI) states that extortionist DDoS attacks and attacks employing encryption Trojans have increased significantly. T/en/drdos-rdos-blackmail-using-reflectionhat is also the conclusion of the Risk Barometer 2022 by AGCS (Allianz Global Corporate & Specialty). One reason for the escalation of the threat situation is the easy accessibility of malware. Criminals no longer need extensive IT expertise to carry out attacks. Instead, Cybercrime-as-a-Service has become a criminal business that supplies attackers with viruses and Trojans at a minimal cost. DDoS and ransomware attacks can also be purchased as a service, even on a monthly subscription basis. And this starts at only 10 US dollars, payable in Bitcoin.
Another disturbing trend is the growth of “double extortion” tactics. Cybercriminals threaten to disclose sensitive data records after encrypting them and other information, making them inaccessible to the affected company. Those who refuse to comply with the attackers’ demands risk not only permanently losing their data but also having confidential information leaked to the public. In addition, attackers are also increasingly targeting recovery backups, , which, in most cases, are the only way for companies under attack to recover encrypted data.
This commercialization of cybercrime makes it easy for criminals to exploit vulnerabilities on a massive scale, as Scott Sayce, Global Head of Cyber at AGCS explains: “In the past, a bank robber might hit one or two banks in one week following months of preparation. However, with a single cyber attack, thousands of businesses all over the world can be targeted all at once, and more valuable data can be stolen than ever before.”
Digital supply chains are being targeted
Cybercriminals are increasingly focusing on companies’ digital supply chains, which allows them to repeatedly exploit vulnerabilities in services and programs for attacks. Most recently, a serious vulnerability in the Log4J Java library resulted in well over a million attacks in just four days after the flaw was made public. The malware-infested updates from Kaseya and SolarWinds are more examples of such attacks that target a single point of failure, enabling attacks on thousands of companies.
“I fear that we will see more attacks on technology supply chains and critical infrastructure. They are a logical response to companies beefing up their cybersecurity, protection, and response,” says Sayce. “It’s also likely that hardware will be compromised and injected into IT supply chains, and companies should prepare for that scenario.”
No cyber insurance without cyber security
The heightened threat situation is also increasing the demand for cyber insurance. The policies must be construed as part of risk management. They complement the technical and organizational measures taken to create cyber resilience in companies. Robust IT security is also necessary to maintain the policies. Allianz, for example, uses numerous cybersecurity criteria to assess incoming insurance applications. For example, proactive technological safeguards such as endpoint protection and multi-factor authentication are evaluated, as well as regular backups, patches, training, business continuity agreements, and crisis response capabilities.
In the Allianz Risk Barometer, AGCS surveyed 2,650 risk management experts from a wide range of industries in 89 countries.