Ransomware losses soar by two-thirds, prompting insurance cost hike warning

"AI has made the process smarter and free of errors for criminals."

The losses caused by ransomware have soared in the first half of this year, rising 68%, according to a new report by a cyber insurance provider.

The frequency of ransomware attacks globally dipped by 10% in the first half of 2024, Coalition reports, and the amount actually paid out has dropped 57%, thanks to negotiating with ransomware gangs, with an average payout of $353,000.

Interestingly, certain variants (Play and Blacksuit) were associated with higher demands, $4.3 million and $2.5 million respectively. 

The report found that ransomware remains relatively "seasonal", with gangs preferring to strike at times when they know businesses will be less likely to notice. 

The report said that there are “consistent drop-offs in the summer months and spikes during winter holidays, a conscious attempt by threat actors to go unnoticed within a system at times when businesses are typically slower to react.”

The report also found that business email compromise increased 4% in the first half of 2024. Companies with more than $100 million in revenue saw a 60% spike in frequency. Coalition attributes this to the use of AI.

Previous research by security company VIPRE found that 40% of BEC emails are generated by AI.

In one notorious case, a worker in Hong Kong transferred $25 million to criminals, after falling for a BEC email and going on a video call with several supposed colleagues, all of whom were deepfakes generated by AI.

Javvad Malik, lead security awareness advocate at KnowBe4, told The Stack that AI is also making things easier for ransomware operators. He said: “With the majority of ransomware infections occurring due to social engineering, AI has made the process smarter and free of errors for criminals, so they will continue to use and develop AI for their gains.

“We've already seen big changes in cyber insurance when it comes to ransomware coverage, we'll likely see more changes with premiums continuing to rise, and more organisations being denied coverage due to poor security controls or a lack of general security awareness.”
