Coalition predicts ‘uptick’ in cybercrime at end of war

Cyber insurer Coalition has predicted the market will see an “uptick” in cyber attacks when the Russia-Ukraine war ends. 

Catherine Lyle, Coalition’s head of claims, has predicted in uptick in both ransomware and also funds transfers fraud, which occurs when organizations are tricked into sending funds to the wrong entity.

As many as 74% of ransomware payments last year were to groups believed to be affiliated with Russia, according to data from Chainalysis, a company that provides data and services related to cryptocurrencies.

Since the war between Russia and Ukraine began in February, Russian hackers have focused their attention on Ukrainian targets. Coalition’s figures showed that the frequency of claims among its insureds fell by 7% in the first half of 2022 relative to the last six months of 2021. The average size of a claim fell by 8% to $175,258.

But some experts believe that, even if the war drags on, other cyber criminals will step in and fill the vacuum, driving up claims even before the war’s end.

Chris Hendricks, head of Coalition’s incident response, warned that for criminal gangs, cybercrime is a “thriving business”. 

“They've moved from kind of slapdash and unprofessional, unpolished organisations to [being] much more professionalised and polished,” he said.

He pointed to the example of the Lockbit 3.0 gang, which he described as “extraordinarily professionalised”. 

“They have very polished professional service representatives,” he said, adding that interacting with them is not unlike interacting with “a bank or other online customer service.”

Lockbit 3.0 (formerly known as Lockbit 2.0) is probably the most prolific ransomware gang in the world accounting for 40% of all ransomware incidents in August, according to research by NCC Group’s Global Threat Intelligence Team.