Third-party attacks emerged as a significant driver of material financial losses from cyber incidents in 2024, according to cyber risk management firm Resilience.

Third-party risks made up 31% of all client insurance claims and 23% of material losses last year. This marks a significant change from 2023, when no third-party claims led to material losses for Resilience clients.

“This shift underscores the growing vulnerabilities created by interconnected systems and reliance on external vendors in 2023,” the firm wrote in a report dated February 27.

Ransomware the Biggest Cause of Losses

Ransomware attacks targeting vendors made up 42% of the third-party claims, with losses from these incidents rising four-fold compared to 2023. The attack on automotive software firm CDK, which impacted thousands of car dealerships across the US and Canada, is an example of a ransomware attack on a vendor that financially impacts customers.

Vendor security failings, including the CrowdStrike global outage in July 2024, made up 4% of all material claims. Not all the claims arising from this incident have been fully developed, Resilience noted.

The company said that this trend is driving insurance companies to adjust their underwriting practices regarding third-party risk.

Overall, ransomware held its position as the top cause of material losses for businesses from 2023 to 2024. First-party ransomware incidents made up 44% of clients’ material claims, while ransomware targeting vendors contributed to 18% of such claims.

Altogether, 62% of claims with losses were related to ransomware.

Despite these figures, the researchers noted that there are indications that ransomware frequency may be declining in broader markets.

“This is likely due to threat actors focusing on larger, high-profile organizations that yield bigger payouts, as opposed to the previous ‘spray and pray’ approach,” they said.