Cover Blown? What Next For Ransomware Insurance?

Jun 24, 2021 | Thought leadership

The global ransomware surge continues. Since May, Colonial Pipeline in the U.S. is reported to have paid $4.4 million to attackers in order to get its infrastructure restarted, and weeks after the Irish healthcare system was attacked, it remaines “significantly disrupted”. Japanese multinational FujiFilm is among the latest high profile victims, having been forced to “shut down parts of its global network” due to a suspected attack.

Over and above these high profile incidents, 2021 has seen a “dramatic increase in [ransomware] activity”, according to Harvard Business Review, with some demands now as high as tens of millions of dollars. Attacks are trending towards these bigger numbers, increasingly targeting sensitive company information, with the worldwide cost of ransomware predicted to exceed $265 billion by 2031.

Many organisations have planned ahead to mitigate the potential financial impact of being held hostage by taking out specialist insurance policies. While this is an understandable precaution to take, there is a growing sense that the increase in ransomware insurance payouts may be fuelling a rise in attacks, and that cybercriminals are actually targeting organisations who are known to have insurance.

This is having a knock-on effect on the attitude of insurers to the problem. In France, for example, AXA, the country’s largest general insurer, recently announced that it will no longer reimburse ransomware payments for customers within the country. Just days after they made the announcement, its operations in Asia were subjected to a massive ransomware attack, described in some reports as “retaliatory”.

In its analysis of the unfolding situation, the Financial Times said that, “the severity and volume of incidents has led insurers to become much tougher with corporate customers” and the cost of cover is “surging”. Dark Reading went further by questioning whether ransomware incidents will become “uninsurable”. And recently, Ciaran Martin, the former head of the National Cyber Security Centre (NCSC), “called for a dialogue over whether or not it is time to ban insurers from covering ransomware payments.”

As perhaps the ultimate reactive response to a cybersecurity breach, ransomware insurance has become a go to strategy for those organisations that recognise the risk. It’s a pragmatic attitude, but also underlines the widespread vulnerability of IT infrastructure, and with documents and email attachments the most successful method used to deliver ransomware and other malicious attacks, criminals are focusing on vulnerabilities in everyday files such as PDFs, Word, Excel and PowerPoint.

A major part of the problem is that detection-based security methods have to play catch up with new threats. In contrast, Glasswall Content Disarm and Reconstruction (CDR) delivers a proactive defence that instantly cleans and rebuilds files to match its known good industry spec – automatically removing potential threats. This simple approach ensures every document entering the organisation is safe, without sacrificing productivity.

To read more about how we help defeat the risks posed by file-based cybersecurity threats, click here.

CDR Platform

Email

Plug-ins

SharePoint Plug-in

CDS Plug-in

ICAP Plug-in

Apps

Web App

Desktop App

SDK

Secure Email

Cloud Native Integrations

Malware Risk Removal

SDK Integration

Metadata Removal

Data Migration

File Uploads & Downloads

Solutions Collateral

Blogwall

Community

Take a Test Drive

Partners

Become a Partner

Our Partners

About us

Careers

Our People

Contact

Support