cyber attack/shutterstock.com_2146981305
1 October 2024news

Annual global cyber-attacks double from 2020 to 2024

The number of disruptive and destructive global cyber-attacks taking place each year will increase by 105% to the end of 2024, according to new QBE report.

The report, entitled ‘Connected Business: digital dependency fuelling risk’ claims that if the trend of attacks continues, these strategically significant, disruptive and destructive global cyber-attacks will more than double this year to 211, compared to 103 in 2020.

The NotPetya mass cyber-attack is one such example. It resulted in infections across Europe, North America and Asia Pacific. The associated NotPetya malware caused an estimated US$10bn in damages. These types of disruptive and destructive attacks are far rarer than data loss or simple device compromises type incidents that are in the 1000s or 10000s.

CrowdStrike’s Falcon Sensor failure on 19 July 2024 cost Fortune 500 companies US$5.4bn in damages and US$25bn in share value. Cybercriminals were quick to exploit the event launching phishing campaigns with CrowdStrike-related lures, seeking to compromise systems, steal data and extort victims. 

According to Control Risks, all cyber incident types are significantly underreported.

Further analysis conducted by QBE in the UK shows the majority (69%) of medium to large sized businesses were disrupted by cyber-events in the past 12 months.

QBE asked more than 300 IT decision makers their views on the cyber landscape and threats.

Alarmingly, 78% of businesses are concerned about cyber threats they may face, with more than half (51%) expecting a cyber event in the next 12 months.  Despite these risks, a third (36%) of businesses said they do not have an incident response plan, and nearly half (43%) don’t have any form of cyber insurance.

In response to CrowdStrike, 57% of all businesses said they would look into purchasing or expand their insurance coverage.

Businesses consider AI to be more useful for their cyber security with 32% of businesses saying it will improve their cyber protection compared to 15% of businesses thinking AI will increase cyber risks.  QBE said there was a need for improved cyber contingencies in the economy. 

David Warr QBE Insurance Portfolio Manager for Cyber said: “In some parts of the world, take-up for cyber insurance has been slow but as more businesses see their competitors making use of it and see the disruption caused by events, it is spurring them on to look for coverage themselves. CrowdStrike has contributed to changing perceptions of cyber risk and cyber protection. It has raised awareness of the types of events covered under a cyber policy, with cover provided for both security incidents as well as operational issues.”

“AI is both a hindrance and a help to the cyber landscape. As AI becomes more widely accessible, cybercriminals and cyber activists can launch larger-scale attacks at a faster pace. This increased capability in scale and speed brought on by AI could threaten the cyber domain. However, controlled and managed use of AI can also help detect cyber vulnerabilities. 

“Companies in the UK and around the world both big and small should be building up their resilience to both mitigate against cyber threats and be prepared to act in the event of a cyber-attack.”

Did you get value from this story?  Sign up to our free daily newsletters and get stories like this sent straight to your inbox.