Threatonomics Newsletter: December

When we look back at the most significant moments of 2024, the “Three Cs”–Change Healthcare, CDK, and Crowdstrike–stand out. While these events rocked the tech world, we were impressed by how resilient the ecosystem proved itself to be. Still, the impact of third-party risk was significant for companies caught downstream of these interruptions. That is why we remain vigilant in our focus on continuous engagement with our clients to prevent losses.?

From the introduction of Breach and Attack Simulation and the Cyber Risk Profile Builder to our increased capacity to write policies of up to $20 million, our team remains focused on making your company and the whole tech ecosystem more resilient to loss. Thank you for being on this journey with us, and have a happy and peaceful new year.?

Trends in Transfer Fraud

Our claims team has observed a notable uptick in transfer fraud and wire fraud claims, signaling a potential shift in threat actor tactics or increased targeting of certain industries. In 2024 we have already seen more claims for transfer fraud than we saw in the previous three years.?

This surge may be attributed to changes in attacker methods, overall growth in such crimes, or Resilience's increased coverage of industries like banking and real estate, which are particularly vulnerable due to frequent fund transfers. Interestingly, fewer claims have arisen in less-exposed sectors, like professional services or retail.

Regardless of the reason behind this uptick, transfer fraud is nearly always the result of social engineering, which continues to drive more losses than any other point of failure, according to the Resilience Midyear Cyber Risk Report. To avoid falling victim, reinforce how to recognize and report any fraudulent attempts to gain access to your company’s system with everyone in your organization, from the C-suite to entry-level.

As claims are still developing, our team is conducting a deep dive to uncover the underlying drivers of this trend. Stay tuned in the new year for more on this.?

2024: A Year in Review

What an incredible year! From expanding our solutions to large enterprises and new markets to key leadership appointments and industry recognition, 2024 has been a year of growth, innovation, and impact. Here are some of the highlights that made this year unforgettable:

• January: The Resilience Solution becomes available to large enterprises with revenues up to $10 billion (Learn more)
• February: Resilience acquires BreachQuest, a pioneer in next-generation incident response. (Learn more)
• March: Resilience offers Tech E&O Coverage tailored for US-based risks up to $10 billion in revenue. (Learn more)
• May: Resilience’s Risk Operations Center (ROC) discovers criminal activity from a threat actor group called Scattered Spider, known to be the criminals behind the MGM resort hacks and more (Learn more)
• June: Resilience wins Cyber MGA of the Year at the annual Zywave Cyber Risk Awards
• July: We double our cyber insurance limits for U.S. based companies and are able to underwrite up to $20MM (Learn more)
• August: Killian Brady is appointed as our newest Chief Underwriting Officer, and we welcome new additions Nick Little and Erin Pope.? Resilience issues our Mid Year Cyber Risk Report?
• September: New leadership joins the team, including Rebecca Jones, SVP of Engineering, and Jeremy Gittler, Global Head of Claims.
• October: Matthew Polly joins as our first Chief Revenue Officer Additionally, we expand into France and Benelux under Marijke van Berkom's leadership.?

Cybersecurity and Cyber Insurance Predictions for 2025

Businesses are facing an unprecedented increase in the volume and sophistication of cyberattacks, including ransomware and fraud using deepfake technology. As the costs of cyberattacks rise—affecting operations and reputation—cyber insurance has become essential for companies of all sizes.

Today’s businesses need both cyber insurance and cybersecurity to build resilience in a challenging digital landscape. Based on trends in cyber risk, Dr. Ann Irvine, Chief Data and Analytics Officer at Resilience, has some predictions for the new year:

1. A little-known company will experience a major cyber incident

Dr. Irvine warns that the largest cyber incident of 2025 will likely involve an unknown company, highlighting that no organization is safe from cyber threats. Smaller companies, lacking resources and expertise, are especially vulnerable and can have widespread impacts due to their roles in supply chains.?

2. Deepfakes will target major corporations

Deepfake technology is a rapidly advancing threat. Dr. Irvine predicts that by 2025, a Fortune 500 company will likely be targeted by a deepfake attack. These attacks could involve impersonating a CEO in a video or issuing fake directives, leading to serious financial or reputational damage.?

3. Nation-state actors will not cause a nationwide internet outage??

Dr. Irvine believes that major internet outages caused by nation-state actors are unlikely in 2025. The reason is clear: the consequences of such an attack would be too severe, including international retaliation and legal consequences. Instead, these actors are expected to focus on targeted attacks with specific strategic or financial goals.

4. Public awareness of cyber risk will continue to increase

Public awareness of cybersecurity risks is on the rise due to high-profile breaches and scams. This increased awareness can drive positive change. More individuals and organizations are adopting proactive measures like multi-factor authentication, while policymakers are considering tougher penalties for cybercriminals. While awareness alone won't eliminate cyber risks, it can foster a culture that prioritizes cybersecurity across all levels of society.

What trends are you keeping your eye on? Share your thoughts with us in the comments below.

Latest Cyber Threats We’re Tracking

• FinCEN Alert on Fraud Schemes Involving Deepfake Media Targeting Financial Institutions. The U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) published an alert for the financial services sector following a steady increase in fraud schemes targeting their institutions and customers.
• Lumma/Amadey: fake CAPTCHAs want to know if you’re human. Over the last few months, malicious actors have been leveraging fake CAPTCHAs as an initial infection vector by pushing these malicious CAPTCHAs via ad networks.
• Attackers Abuse DocuSign API to Send Authentic-Looking Invoices At Scale. Cybercriminals are leveraging DocuSign's APIs to send authentic-looking fake invoices to support Business Email Compromise attacks and fraud.
• Fake Bitwarden ads on Facebook push info-stealing Chrome extension. Fake ads for the popular password manager app, Bitwarden are being used in a malvertising campaign that leads users to download information stealing Google Chrome browser extension.?
• Law enforcement doxxing raises risk profile for threat actors.? In their Quarterly Report, Coveware three key drivers that make threat actors participate in the ‘extortion economy’ while also highlighting ransomware statistics for 2024 Q3.

Thank you for reading. Before you go...

Subscribe so you don’t miss our next issue. For more trends and insights from Cyber Resilience experts, follow our LinkedIn page for weekly blog posts, videos, and more!