Feeling ransomware fatigue? Threat actors feel it too.

We kid. Unfortunately, ransomware is here for the long run. It’s the most costly and destructive form of attack that we see, and global trends show no letup in activity. But if you watch trends in cybercrime closely, you’ve likely noticed a shift as of late. At least in the U.S., the air of inexorable growth surrounding ransomware has given way to a more balanced portrait. A tried-and-true tactic, fraudulent funds transfer, has earned more attention, as it has continued to generate substantial losses for organizations.

28%: percentage of Corvus claims related to fraudulent funds transfers, the largest claim category What's become clear in the past year is that cybercrime is never going to be bound up in a single method or style. Broad trends in IT security or law enforcement practices may force threat actors to adapt their strategy, or even fold a few hands, but they're not walking away from the table. Extortion, in various forms, will likely remain a key aspect of cyber risk.

48%: percentage of ransomware claims with exfiltration in H1 2022, an all-time high So for this edition of the Risk Insights Index, rather than focus primarily on ransomware, as we did in the Q4 2021 and Q2 2022 editions, we’re going to look at ransomware's status today in the context of the many other elements that make up the universe of cyber risk. We’ll discuss what attack methods and crime tactics are most consistent over time; which are rising in popularity and which are fading; and which cost victims the most. Some of the findings might surprise you.

Enjoy reading!