Three trends driving cyberattacks in 2024

Ransomware claim activity is set to grow more than 50% year-over-year in 2023, while so-called ransomware-as-a-service (RaaS) kits, which start at just $40, have been a key driver of the overall increase in attack frequency. Gangs are also carrying out more attacks at a faster pace, with the average number of days to execute an attack falling to four days from around 60 in 2019.

Most ransomware attacks now involve the theft of personal or sensitive business data, increasing the cost and complexity of incidents and bringing greater potential for reputational damage. Analysis of large cyber losses (€1 million and above) in recent years by Allianz Commercial, a global insurance company, shows that the number of cases where data has been compromised is increasing - doubling from 40% in 2019 to nearly 80% in 2022, with even higher activity in 2023.

Protecting businesses from intrusions is therefore a cat-and-mouse game in which cybercriminals have the upper hand. Threat actors are now exploring ways to use AI to automate and accelerate attacks, creating more effective malware and phishing campaigns. Add to that the explosive growth of connected mobile devices and 5G-enabled IoT, and the avenues for cyberattacks look only likely to increase in the future.

At Allianz, our global team of risk engineers regularly monitor the cyber environment to help companies mitigate emerging risks, threats currently on our radar include:

The power of artificial intelligence (accelerating cyber attacks)

Threat actors are already using AI-powered language models like ChatGPT to write code. GenAI can help less-skilled threat actors create new strains and variants of existing ransomware, potentially increasing the number of attacks they can perform. We expect to see an increase in the use of AI by malicious actors in the future, which will require stronger cybersecurity measures.

Voice impersonation software has become a powerful addition to the cybercriminals’ arsenal, with one case involving the CEO of a UK energy supplier transferring around $250,000 to a scammer after receiving a call from what they believed to be the head of the division’s parent company, asking them to wire the money to a supplier. The voices were generated using artificial intelligence, and deepfake video technology designed and sold for phishing scams can now also be found online for as little as $20 per minute.

It’s not all bad news though, we’re likely to see more incidents leveraging AI in the future, but investments in AI-powered detection should also help catch more incidents earlier.

Mobile devices expose personal and corporate data

Lax security and the mixing of personal and corporate data on mobile devices such as smartphones, tablets and laptops is an attractive combination for cybercriminals. Allianz Commercial reports that incidents caused by poor cybersecurity on mobile devices are increasing. During the pandemic, many businesses enabled new methods of accessing their corporate networks through dedicated devices without requiring multi-factor authentication (MFA), which also led to several successful cyberattacks and huge insurance claims.

Criminals now target mobile devices with specific malware to gain remote access, steal login credentials, or deploy ransomware. Personal devices often have less stringent security measures, and using public Wi-Fi on such devices can increase their vulnerability, including to phishing attacks through social media.

The rollout of 5G technology is also a potential area of ​​concern if not managed properly, as it will power more connected devices, including complex applications - from driverless cars to smart cities. However, many IoT devices do not have a good track record in cybersecurity, are easily discovered, and will not have MFA mechanisms in place. This, together with the addition of AI, poses a serious cyber threat. Even today, we can still see devices on the internet with default passwords.

Cybersecurity skills shortages impact cost and frequency of incidents

The growing shortage of professionals will make cybersecurity efforts increasingly complex. Currently, the global cybersecurity workforce gap exceeds 4 million, and demand is growing at twice the rate of supply. Gartner predicts that by 2025, talent shortages or human errors will cause more than half of major cyber incidents.

In short, because technology is evolving so quickly, there aren’t enough experienced people to keep up with the threats. It’s hard to find good cybersecurity engineers, which means companies are more vulnerable to cyber incidents. Without skilled personnel, it’s harder to predict and prevent incidents, which could mean more losses in the future.

The shortage of cybersecurity experts will also affect the cost of incidents. According to IBM's "2023 Cost of Data Breach Report", the average data breach cost for companies with severe security skills shortages is $5.36 million, which is about 20% higher than the actual average cost.

Early detection is key to combating emerging cyber threats

Preventing cyberattacks is becoming increasingly difficult, and the stakes are higher, so the ability and tools to detect and respond early are becoming more and more important. If you have an undetected vulnerability in your network, it is a potential Achilles' heel. If you don't have effective early detection tools, it can lead to extended unplanned downtime, increased costs, and greater impact on customers, revenue, profitability, and your reputation.

Currently, the largest share of IT security budgets goes to prevention, with around 35% going to detection and response, however, if undetected, a breach can escalate quickly, and once data is encrypted and/or stolen, the costs can snowball – costing 1,000 times more than if the incident had not been detected and contained early, the difference between a $21,784 loss turning into a €20 million loss.

Looking ahead, detection tools will be the next logical step for most companies to invest in. Ultimately, early detection and the ability to respond effectively will be key to mitigating the impact of cyberattacks and ensuring a sustainable cyber insurance market in the future.