Is Cyber Insurance making Ransomware attacks worse?
11/11/2021

Unsurprisingly, ransomware remains the most common cyber threat, and no company or network is safe from it. What started with some compromised floppy disks, where victims were asked to pay $189, is now a billion-dollar cybercrime industry with the potential to cause damage worldwide.

According to SonicWall reports, 2021 has been the most active year for ransomware on record, with attacks increasing 148% in Q3 2021, and ransom demands being the largest to date.

Given how cybercrime rages on, organizations are starting to shift to a cyber resilience approach and adopt an ‘assumed breach’ mentality. Defense strategies are improving, backing up business-critical data is almost standard now, and cyber-insurance protection is also on the rise.

Cyber insurance exists to safeguard companies from the consequences of cyberattacks, including covering the financial costs of dealing with incidents. But many experts claim that insurance might be fuelling the cybercrime industry, since organizations are relying on their cyber-insurance policies to simply pay the ransom demand instead of adopting the security measures that could prevent such an attack in the first place.

We know why the cybercriminal underground is so successful (beyond being a trillion-dollar industry). Its members are highly organized, they share information and knowledge, and they know who to target: the organizations they recognize as potentially the most profitable or most likely to pay a ransom. So it seems only logical for ransomware gangs to actively pursue organizations with cyber-insurance policies, since it’s the best way to guarantee they’ll make money from encryption campaigns.

The insurance industry is also concerned, since ransomware claims and demands are not only becoming more frequent but also a lot more expensive. As a result, insurers are already increasing premiums and demanding to see detailed proof of the cybersecurity strategies used by companies that want to buy cyber insurance. The multinational firm AXA even announced it would no longer write new cyber-insurance policies covering extortion and, coincidentally or not, was hit by a ransomware attack a few weeks later.

We also have new types of extortion now, like double extortion, which has since become standard. Gangs like REvil exfiltrate sensitive information from the network before encrypting files. That way, in addition to holding encrypted data for ransom, they can pressure their targets to pay the ransom to avoid public exposure of the exfiltrated data.

The availability of cyber insurance doesn’t seem to be helping to improve cybersecurity, at least right now. For many companies, the thought of a breach and data becoming publicly available on the internet makes a high ransom seem worth it, and if insurance will cover it, they won’t think twice about relying on it.

By: Mara Melão, Cybersecurity Account Executive for EMEA at Hardsecure.
