A new report by Beazley predicts 13% year-over-year growth in 'fraudulent instruction' as a cause of loss and says that from tactics to implications, cyber security will see a subtle but important evolution in 2023.
The specialist insurer’s new cyber services snapshot report reveals that the cyber threat landscape will be influenced by greater incident complexity, the way threat actors use stolen data, and a rise in the US class actions in 2023.
The report presents global data on incidents handled by Beazley cyber services including cause of loss by industry, ransomware vectors, business email compromise, and data exfiltration. These data points provide a real-time view into incidents reported to Beazley, revealing an ongoing picture of emerging cyber risk.
As a category, fraudulent instruction experienced big growth as a cause of loss in 2022, up 13% year-over-year. This trend continues to be quite high, especially when it comes to small organizations.
The report predicts organizations must get smarter about educating employees to spot fraudulent tactics.
To combat this vulnerability organizations must get smarter about educating employees to spot fraudulent instruction tactics like spoofed emails or domain names. Organizations are cautioned to watch for social engineering and spear phishing, bypassing of multi-factor authentication, targeting of managed service providers, and compromising of cloud environments as areas of vulnerability.
Beazley head of US cyber services Russ Cohen said, “At first glance, things hardly seem particularly new as we enter 2023: Threat actors are still using the same kinds of ransomware vectors to attack, and we’re still talking about the same need for education and controls.
Mr. Cohen said, “But look beneath the surface, and it quickly becomes evident that targeted organizations are facing greater incident complexity than ever before. As threat actors bring new sophistication to their techniques and adapt to improved cyber security efforts, more and more companies will realize they can no longer count on the default configuration of off-the-shelf IT solutions and tools.”