April 2022 Broker Update

New Corvus Risk Insights Index, cyber impact of Russian invasion, and more.

We’ve all heard April showers bring May flowers. While we can’t make any big promises about the weather, the Bird’s Eye newsletter does bring something (maybe) better. A forecast with nothing but fresh analysis from our cyber experts. While the flowers are sprouting, read our last edition from January. And for the latest on cybersecurity trends, insights from the pros, and best practice recommendations? Keep reading. 👇 

Insight Spotlight

A roundup of recent commentary and analysis from our cyber experts

The wait is over: the second edition of the Corvus Risk Insights IndexTM is here. We’re bringing you updated, in-depth perspectives on the evolving threat landscape and where we see trends moving — so get your analyst cap on. 

What you can expect to find in the Q1 2022 edition:

• Updates on ransom severity. (It’s not as bad as the headlines.)
• The impact of zero-days and third-party risk. Spikes in claims typically point here.
• How small- and medium-sized businesses are holding up to the pressures of our current threat landscape — we asked, they answered.

Ready to dive in? Access the Corvus Risk Insights Index to get the full picture. 

Cybersecurity Tips 

From VP of Risk + Response Lauren Winchester and CISO Jason Rebholz 

Ransomware activity declined prior to and during the first weeks of the Russian invasion of Ukraine. Why?

The ransomware ecosystem is in flux. We observed a 30% reduction in ransomware claims frequency from Q4 2021 to Q1 2022 (through March 15th).

Our hypothesis: A number of factors fueling internal turmoil among ransomware actors temporarily shifted their priorities. 

1. Russia has long provided hackers who operate within their borders a safe haven for attacks targeting Western countries. After the January arrest of members of REvil, a notable ransomware gang, ransomware actors are no longer confident about their immunity to the law.
2. The Russian invasion of Ukraine divided ransomware actors. A once tight collaboration vanished overnight and forced a fundamental shift in operational strategy.

What does this mean for Western organizations? 

It’s no time to relax. Attacks are already resurfacing this month as cybercriminals adjust to their new workflows and resume targeting classic income streams. The major concern for retaliation lies with critical infrastructure (as mentioned by the White House) and organizations that have made public stances against Russia’s invasion by stopping sales, preventing new user signups, or suspending advertising. 

For more information on the fractured ransomware ecosystem — and what it has to do with Russia and Ukraine — read our blog post.

On Your Radar

A quick refresh on cyber threats. AKA: Acronyms to watch for.

Business email compromise (BEC) and distributed denial-of-service (DDoS) come up more than you may expect. DDoS attacks used to regularly make headlines, before ransomware stole the show. But the Russian invasion of Ukraine brought DDoS attacks back front-and-center. Meanwhile, BEC attacks remain a common (and inexpensive) way for threat actors to profit off an employee’s mistake. Read more about BEC and DDoS.

The Case of the (Missing) Unpatched Environment 

Our scan detected an unpatched server, but the applicant and their managed service provider insisted otherwise. Was the impasse ever resolved?  Spoiler: the Corvus team was able to solve the case of the missing unpatched environment — but did we end up with a safer policyholder and happy broker? Find out in our latest case study.

What's New at Corvus 

Brokers: We want to hear from you. 

For the past six months, we’ve been conducting interviews with a number of brokers to improve our partnerships for the future. We’ve already made some progress — earlier insights for renewals, providing access to vendors, and more — but we want your opinions to influence our roadmap.

Healthy planet + less risk = Safer World. 

Know a company focused on environmental sustainability? We’d love to help them be safer as they give back. Throughout the month of April, we’re offering the power of the Corvus Scan (all we need is a company URL!) in an effort to make environmental sustainability organizations, employees, and customers stronger against cyber threats.

Corvus in the News

• Forbes (March 21): Biden Reiterates Importance For Companies To Immediately Protect Themselves Against Potential Russian Cyberattacks
• Security Boulevard (February 28): Cyberinsurers Key to Combating Ransomware
• Business Insurance (February 16): Cyber defense systems can foil ransomware
• Reinsurance News (January 28): Corvus Insurance names new head of international
• Insurance Business (January 26): Why traditional insurers are struggling with cyber risk aggregation

Bird is the Word

What’s the deal with vagrant birds? We expect to see pigeons in New York, penguins in Antarctica — but what happens when they end up far away from home? It might be a sign that they’re adapting to human-driven changes in their environments. So, if you ever see a bird where they may not belong, it might not necessarily mean they’re doomed or windblown. They may be scouting for new homes. Learn more about wayward birds.