The impact of ransomware on insurance is growing into a major concern. As cyberattacks rise in quantity and sophistication, payouts to hackers have also increased as have the means to protect businesses.
According to a recent Reuters’ article, global insurers have to transform the way they provide cyber insurance.
What is ransomware and who is affected?
Ransomware is a malicious software or malware used to deny access to a system or its data until a ransom is paid. Sometimes sent by foreign entities (whether individuals or nations), such programs shutdown and takeover systems, crippling businesses who are told to pay or risk losing everything.
With the continual development of technologies, hackers have even diversified their attacks in an effort known as ‘big game hunting’: the bigger the game (i.e. business), the bigger the payoff.
According to Reuters, businesses detected 365% more ransomware attacks in the second quarter of 2019 with the average ransom nearly tripling.
The costs of both refusing to pay and paying the ransom can be detrimental to businesses, particularly those with sensitive information like in the Healthcare Industry (as we reported here), the third most common industry targeted by ransomware.
We’ve even seen organizations have to shut down due to a ransomware attack.
How are insurers responding?
The type of coverage offered to businesses also has diversified and includes data recovery, legal liabilities (for exposing sensitive information), the provision of negotiators, and the payment of ransoms.
Paying the ransom, no matter how exorbitant, is thought of as the cheapest, easiest solution but many in the field believe this just makes hackers’ methods more sophisticated as they target businesses with cyber insurance.
A ProPublica article suggests that hackers attack businesses with cyber insurance as they are more likely to get a payout.
What does this mean for cyber insurance in the future?
The future of cyber insurance is unfortunately unknown as the industry has to go through its own rapid transformations to keep up with more and more advanced ransomware.
Cyber insurance—how to protect, who to protect, and when to pay a ransom—will have to be fluid in order to face continual technological advances.
A good place to always start is using security and training to prevent a breach in the first place, then having a strong data backup and recovery strategy in place if one does occur.