Data Reveals 133% Increase in Business Email Compromise Incidents from 2017 to 2018

Source: Beazley | Published on March 22, 2019

Cyber security

Business email compromises (BEC) accounted for 24% of the overall number of incidents reported to Beazley Breach Response (BBR) Services in 2018, compared to 13% in 2017, according to a new report published today by Beazley.

The latest Beazley Breach Briefing, based on information gleaned from investigations into more than 3,300 data incidents in 2018, takes an in-depth look at how the common breaches are perpetrated, and how businesses can deal with them.

Almost half (47%) of all incidents investigated by BBR Services in 2018 were the result of a hack or malware. Of these, approximately half were BEC. These are social engineering attacks in which a cybercriminal uses compromised email credentials or spoofs a legitimate email address. They use it to try to trick an employee into making an electronic payment to a bank account controlled by the cybercriminal or, in some cases, to transfer sensitive data.

Businesses can prevent emails from being compromised by taking the following precautions:

  • Implement multi-factor authentication for remote access
  • Provide regular anti-fraud training for employees
  • Set up pre-determined codes to confirm requests for employees authorized to request fund transfers
  • Limit the number of employees who can authorize wire transfers
  • Apply the following checks if a vendor requests changes to its account details:
    • confirm all requests by a direct call
    • use pre-agreed phone numbers
    • review all requests by a next-level approver before making any changes
    • check that the address or bank account are the same as for previous payments

Data on the thousands of cyber breaches handled by BBR Services in 2018 and detailed information on the types of risks and how to defend against them can be found in the latest Beazley Breach Briefing.

This report includes findings and analysis of Beazley data on BEC, banking Trojans and ransomware, which all increased in 2018.

Beazley found that the average ransomware demand in 2018 was more than $116,000, but this was skewed by some very large demands. The median was $10,310. The highest demand received by a Beazley client was for $8.5 million – the equivalent of 3,000 Bitcoin at the time.

Small-to-medium sized businesses, which tend to spend less on information security, were at a higher risk of being hit by ransomware than larger firms.

The healthcare sector was hardest hit by ransomware attacks, followed by financial institutions and professional services.

Malware known as banking Trojans were designed to steal banking credentials. Recent variants have also been capable of stealing other credentials and used to deploy other types of malware.

Katherine Keefe, global head of BBR Services at Beazley, said: “The threat posed by cyber criminals continues to grow in complexity as they devise new techniques to breach IT security and trick unsuspecting employees into allowing them access to systems. By handling thousands of data breaches every year, BBR Services is able to shine a light on where the new and emerging cyber threats are coming from and help businesses to better understand and prepare for a breach.”

“Unfortunately, we see these threats globally across all sectors and we strongly believe that education about the risks and preparedness are as important as IT security measures for protecting individuals and assets from cyber attacks.”