Yvette Essen

C-suite executives will increasingly be targeted by cyber criminals looking for ways of extorting money from large corporations. According to a new report from cyber analytics provider CyberCube, organized criminals and hackers are moving away from ‘high volume, low-value’ methods of attack to, instead, carefully selecting senior managers who have access to organizations’ bank accounts and are in a position to authorize payments. Maximum degree of compliance Criminals are also predicted to use artificial intelligence to construct algorithms that will ‘hunt’ for individual targets while deciding which of their ‘buttons to press’ in order to obtain the maximum degree of compliance. The report, Understanding Ransomware Trends, predicts that criminals will more closely calibrate their ransom demands to an organization’s financial performance, data assets and other measurables. This includes appetite and ability to pay ransoms. Aggressive organized criminal groups Overall, the report contends, the nature of ransomware attacks is changing with greater focus on organizations rather than private individuals. According to figures from cyber security specialist Symantec, the volume of cyber attacks focusing on consumers has fallen from 69% in 2016 to 19% in 2018. In hand with this, payment demands are increasing, rising to millions of dollars in some instances. The nature of ransomware attacks is changing with greater focus on organizations Oliver Brew, CyberCube’s Head of Client Services and one of the report’s authors, said: “The business model for cyber crime is evolving rapidly. Threat actor groups are conducting campaigns and adjusting their models to extract greater value from a smaller number of attacks. Recently, we’ve seen some very sophisticated and aggressive organized criminal groups conduct carefully targeted ransomware attacks, which mark a move away from the traditional high volume, low-value approach.” Forward-Looking view of cyber threats Yvette Essen, CyberCube’s Head of Content, added: “Criminals are realizing that ransom demands of millions of dollars are achievable when the target becomes a corporation rather than lots of consumers. The danger now is that the Coronavirus outbreak is creating the ideal conditions for ransomware attacks to flourish. With widespread working from home, increased internet traffic, increasing use of technology for what were face-to-face transactions, corporations must increase their vigilance.” Darren Thomson, Head of Cyber Security Strategy for CyberCube, said: “Insurers need to take a forward-looking view of cyber threats like ransomware. That’s why CyberCube is investing in research and development necessary to help the insurance industry anticipate how these attacks are evolving. It’s important to remember that the amount of ransomware attacks like Travelex which have gone public are just the tip of the iceberg.”

A lack of historical data and the rapidly evolving nature of cyber threats mean that cyber risk modellers need to be selective in the lessons they learn from natural catastrophe models. According to a new report from market-renowned cyber analytics provider firm, CyberCube, the evolution of natural catastrophe modeling since Hurricane Andrew in 1992 can act as a template for cyber modelers, but only up to a point. Beyond that, cyber modelers need to develop their own solutions. ‘Drawing from the Experience of Nat Cat Modeling’ ‘Drawing from the Experience of Nat Cat Modeling’, highlights three key differences While there are similarities between the two types of models, the report, ‘Drawing from the Experience of Nat Cat Modeling’, highlights three key differences. In addition to a lack of historical data and the rapid frequency with which cyber events are changing, cyber-attacks involve ‘active adversaries’ in the form of criminals or terrorists. These important differences mean that cyber modelers do not have the time or ability to ‘observe, learn and adapt from past data and models’. One key challenge for cyber modelers identified in the report is the need to improve accuracy in this sector in which the past provides limited guidance as to future activity. Enhancing cyber security Oliver Brew, CyberCube’s Head of Client Services and one of the report’s authors, said “There’s a well-known phrase in statistical circles that while all models are wrong, some are useful. Models like CyberCube’s model do not have a predictive line of sight to outcomes but they do aid decision-making, capital planning and a wide range of other factors.” He adds, “For a long time, our sector thought that by studying the way in which nat cat models developed, we could find answers to build better cyber models. What this report shows is that those parallels will only take us so far. The challenge for businesses like CyberCube is to use the tools at our disposal to learn from the past and make informed decisions about the future. The good news is that cyber models are improving rapidly with more useful data sources and faster cloud-hosted processing power.” ‘Categorized and structured’ data The report studied how Hurricane Andrew in 1992 highlighted significant weaknesses in what were then current modeling practices. Yvette Essen, Head of Content at CyberCube, said “Back then, insurers estimated the size of future losses using ‘experience’ data based only on what happened in the past. Actuaries simply adjusted recent history to reflect current trends. Hurricane Andrew helped to prove that past data is a poor gauge for future catastrophe exposure. Previous projections failed to recognize that science indicated unprecedented events were within the realm of reasonable possibility.” Limited volume of ‘categorised and structured’ data on insured cyber losses can hamper cyber models' development The limited volume of ‘categorized and structured’ data relating to insured cyber losses may also hamper the development of cyber models. While there are many sources for information on well-documented cyber incidents, the report notes, these have not translated into a similar volume of useful data that insurers and modelers can utiltize. Cyber risk analytics expert CyberCube delivers renowned cyber risk analytics for the financial and insurance industry. With best-in-class data access and advanced multi-disciplinary analytics, the company’s Software-as-a-Service platform helps insurance companies make better decisions when underwriting cyber risk and managing cyber risk aggregation. CyberCube’s enterprise intelligence layer provides insights on millions of companies globally and includes modeling on over 1,000 single points of technology failure. Drawing from the Experience of Nat Cat Modeling is published online and available from CyberCube on the official company website.