Beazley Breach Insight: Ransomware rises 25% in Q1 2020
Phishing scams soar as cyber criminals manipulate COVID-19 uncertainty
Specialist insurer Beazley has reported a 25% spike in ransomware attacks in the first quarter of 2020 versus Q4 2019, based on incidents reported to in-house breach response team Beazley Breach Response (BBR) Services.
While nearly all industries reported incidents, the manufacturing sector was the hardest hit with a 156% increase in incidents quarter-over-quarter.
Although manufacturing saw the biggest rise in ransomware incidents, the most affected sectors continue to be financial services and healthcare, which together accounted for half of all ransomware attacks reported to Beazley in the first quarter.
Ransomware attacks against vendors and managed service providers (MSPs) continued to pose problems in Q1 2020, and not only for the targeted business but often their downstream clients, too. Banks and credit unions and healthcare organizations were particularly hard hit as a result of attacks against MSPs.
As attack groups turned their attention to ransomware, business email compromise (BEC) incidents reported to Beazley declined 16 percent in the first quarter as compared to the previous quarter. The issue has certainly not gone away ‑ a possible reason for the decline may be that fewer email compromises have been identified and reported due to the disruption caused by COVID-19.
Phishing attacks, however, have soared during lockdown, according to security awareness training experts, KnowBe4. Their research has tracked myriad ways that cyber criminals are using phishing scams to steal personally identifiable information through fake emails and texts designed to look like official COVID-19-related information.
Katherine Keefe commented: “Cyber criminals prey on people’s heightened anxiety during this pandemic, tricking them into clicking and sharing links that steal information. Also, those working from home may have weaker IT security that corporate networks typically provide. Organizations must ensure their security systems and protocols are up to date and ensure that working from home colleagues are extra vigilant.”
The full Beazley Breach Insight including advice on how to protect your organization from phishing attacks is available here.