Ride the Lightning

Ransomware Demands Get a Lot More Expensive and Cyberinsurance Costs are Rising

January 27, 2020

The Insurance Journal reported (via Reuters) on January 26 that U.S. insurers are ramping up cyber-insurance rates by as much as 25% and trying to curb exposure to vulnerable customers after a surge of costly claims.

There were 6% fewer ransomware incidents in 2019 versus the prior year, according to Malwarebytes. However, attacks are now designed to spur deeper and more lasting technological problems, with hackers demanding bigger sums.

The average ransom of $41,198 during the 2019 third quarter more than tripled from the first quarter, according to Coveware, which helps negotiate and facilitate the payments. That is painful. It wasn't long ago that we were rarely seeing demands exceeding $3000 at small law firms and other small entities.

Ransomware recently crippled foreign-exchange firm Travelex Ltd's systems for weeks, leaving staff to serve customers with pens and paper. Hackers demanded $6 million, the BBC reported. Travelex has declined to comment.

Another attack in December paralyzed the Albany County Airport Authority's administrative computers. It had to pay $98,705.96 in Bitcoin to get the system unlocked, a spokesman told Reuters. Its insurer, Chubb Ltd, covered the ransom, he said.

Cyber policies often cover not just ransom, but data recovery, legal liabilities and negotiators fluent in hackers' native languages. Some insurers are considering changes, given the rising costs.

Zurich Insurance Group AG is more likely to underwrite firms that have added network features to prevent attacks from spreading through systems, said its chief risk officer, Peter Giger.

Insurers may also lower amounts they pay for ransomware attacks against higher-risk companies or shift to coinsurance, in which policyholders would pay 20% to 30% of ransomware claims. They might also require those policyholders to have data-backup procedures.

The rise in the amount of ransoms demanded is really straining small firms which don't have insurance coverage for the ransomware payments. If you haven't run "ransomware scenarios" in your incidence response training, now is a good time to start. You need to know what precisely your insurance covers, and how much you can afford to pay. And first-rate back up procedures are a necessity, now more than ever.

The other fly in the ointment is that some ransomware attacks now exfiltrate the data before they encrypt it. And that's a data breach. Are you ready for all this?

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Email: Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson