Ransomware demands in H1 2021 leap nearly threefold – Coalition | Insurance Business America

Cyber insurance and security provider Coalition has revealed that ransomware demands during the first half of 2021 were considerably larger than in the first half of 2020.

The company’s H1 2021 Cyber Insurance Claims Report analyzed claims data through June 2021 from 50,000 customers in the US and Canada. It found that from the first half of 2020 to the first half of 2021, the average ransom demand made to Coalition’s policyholders increased nearly threefold, from $450,000 to $1.2 million per claim.

Although the average ransom demand steadily increased, the average payout Coalition made for ransomware claims decreased slightly from H1 2020 to H1 2021. The insurer believes this is reflective of its efforts to help policyholders negotiate ransoms and recover data backups.

Coalition also found that during H1 2021, several new aggressive ransomware variants came into prominence, including Mount Locker, HelloKitty, and Conti.

Although ransomware attacks have become more frequent and severe in the past year, Coalition noted that many organizations continue to be targeted by “less sophisticated” attack techniques that exploit companies’ remote work arrangements. Almost 50% of attacks against Coalition’s policyholders were initiated by phishing and social engineering. It also found that from H1 2020 to H1 2021, funds transfer fraud (FTF) attacks increased 28% and business email compromise attacks increased 51%. Within that period, average funds stolen in an FTF attack increased from $116,842 to $326,264, a 179% increase.

These cyberattacks are increasingly targeting small and micro businesses, Coalition observed. The report noted a 57% increase in the frequency of attacks against organizations with under 250 employees. Coalition believes the increased automation of cyberattacks and the more widespread use of insecure remote access tools during the pandemic have left smaller organizations exposed.