Report: Ransomware attack frequency and amount demanded down in H1 2022

Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here.

According to a new report from Coalition, ransomware attack frequency and cost are down. From H2 2021 to H1 2022, ransomware payment demands decreased from $1.37 million to $896,000. Of the incidents that resulted in a payment, Coalition policyholders paid an average of roughly 20% the initial amount demanded. As organizations become more aware of ransomware, they have implemented better controls, allowing them to restore operations without paying.

Over the last three years, cyberattacks have evolved into a viable criminal business model, with ransomware gangs holding all-sized organizations hostage in exchange for exorbitant fees. In 2022, many of the top ransomware variants could be directly associated with or leased from the Conti ransomware gang, such as Karakurt — a known data extortion arm of Conti. The FBI estimates that attacks associated with Conti have had payouts exceeding $150 million, making Conti the costliest strain of ransomware ever. 

Image source: Coalition.

While ransomware has declined, the report by Coalition, 2022 Cyber Claims: Mid-year Update, found that phishing has become one of the most common attack vectors that result in cyber insurance claims –- accounting for nearly 60% of claims, increasing 32% from 2021.

Coalition also observed that phishing often leads to FTF events, where threat actors steal funds by redirecting or changing payment instructions. FTF severity increased by 3% in 2022, demonstrating consistent annual three-year growth.


MetaBeat 2022

MetaBeat will bring together thought leaders to give guidance on how metaverse technology will transform the way all industries communicate and do business on October 4 in San Francisco, CA.

Register Here

As attack methods shift, small businesses (SMBs) are still in the crosshairs. The average claim cost for an SMB increased 58% compared to 2021. As SMBs continue their digital evolution, they increase their dependence on third-party vendors for technology tools. This reliance often makes SMBs more vulnerable because they lack the necessary resources to invest in their security.

Coalition’s report stems from an aggregation of claims and incident data from the 160,000+ organizations it protects. This report examined claims data from Coalition’s North American policyholders, including the highest profile claim events and cyberattacks, during the first half of 2022.

Read the full report by Coalition.

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.