Insurers cut cover amid growth of Ransomware incidents

Computing reports Insurance firms are worried about profits as ransomware gangs become more sophisticated.

Whilst previousy insurance companies  typically cooperated with  customers (and with Cybercriminls) to cover losses, cyber attacks have risen in number and sophistication which is forcing insurance companies to cut the amount of cover they provide to customers. Insurers have increased premiums, cut policy coverage and may even adopt an adversarial vs a co-operative response to ransomware claims.

“Insurers are changing their appetites, limits, coverage and pricing,” Caspar Stops, head of cyber at insurance firm Optio, told Reuters … Limits [the upper amount paid in a claim] have halved – where people were offering £10 million ($13.5 million), nearly everyone has reduced to five.”

  • American cyber insurance firm CNA Financial allegedly paid hackers $40 million (£30 million) to decrypt its data and restore systems, following a ransomware attack in March.
  • In June, meat processing giant JBS confirmed it paid $11 million (£8.2 million) to the REvil ransomware gang, which locked its systems at the end of May.
  • Insurers say some attackers may specifically check whether potential victims have policies that would make them more likely to pay a ransom.

One industry insider said a tech firm that previously paid £250,000 for £130 million of professional indemnity and cyber cover  is now paying £500,000 for a cover of £55 million.

The main advice from the FBI in the US is not to pay, and instead report the incident as early as possible. The agency also warned that paying ransoms only funds criminals’ efforts.

 

WebSci21 – Video Vault No 1 – Matt Weber

Notes

As a place for organizing and the emergence of new organizations, the Web is a platform that has been evolving for more than 25 years. Digital data from the Web provides a rich platform for observing a wide range of social science phenomena – especially patterns of organizational activity. Simultaneously, Web Science has emphasized the intersection of disciplines as a way to understand the science of the Web, but it is equally important to theorize how we connect levels of activity on the Web (from individuals to organizations to ecosystems and governments). Building off a foundation grounded in institutional theory and the emergence of institutions, this talk outlines a multilevel perspective of institutions on the Web as a means of understanding the various processes by which organizational activity occurs. New approaches to data collection and analysis are discussed in order to enable a multilevel and longitudinal analysis of Web-based activity.

Summary

In this talk Matthew Weber discusses how the theory and practice of institutional (organizational) behaviour has been modified by the growth of the Web and the corresponding opportunity and need to collect data from the Web to model and understand this evolving activity.

About the Video Vault Series

In partnership with the ACM we are pleased to be able to release a series of videos from the most recent Web Science Conference (ACM WebSci’21) that were previously only available to attendees of the conference.

The series will be released fortnightly and will include a selection of Keynote talks and Spotlight panel discussions.

Copyright / Links

This video is (c) 2021 provided under license from the ACM.