Cyber claims from small and midsize businesses saw a “material uptick” in 2021, with funds transfer fraud a main culprit, according to cyber insurance and security firm Coalition.
According to its 2022 Cyber Claims Report, Coalition concluded that from 2020 to 2021, losses from funds transfer fraud (FTF) increased 69 percent overall, and among enterprises with revenue under $25 million, frequency went up 21 percent. Initial losses from FTF among small businesses jumped 102 percent to more than $309,000 in the second half of 2021.
The news was also not good for businesses with revenue of between $25 million and $100 million, where FTF frequency shot up 68 percent.
“Organizations of this size are likely especially vulnerable to [FTF] attacks,” Coalition’s experts said in the report. “They often have a smaller digital footprint than larger organizations, leaving threat actors with fewer options to pivot inside a network and less infrastructure and data to hold hostage in a ransomware attack.”
Indeed, ransomware garnered many of the headlines again in 2021, but Coalition warned against sleeping on FTF. The firm said time is a major factor in recovering the money and, unfortunately, organizations were slower to report losses in the second half of the year. Coalition was able to recover funds in 61 percent of cases during the first half of 2021, but that fell to 39 percent during the second half.
This news is not to say ransomware has taken a backseat. In 2021, ransom demands and the frequency of attacks each increased. Coalition said its policyholders saw ransomware demands go up 20 percent to over $1.8 million in 2021.
Ransomware events are complex, in part because of the federal government’s tighter rules on ransomware payments and the fact threat actors require cryptocurrency. However, Coalition said claims severity “started to plateau” last year, and the firms saw a 16 percent decrease in ransomware payments in the second half of 2021.