Data Backup Digest

Do-It-Yourself Windows File Recovery Software: A Comparison

results »

Insurance Companies Are Increasing the Number of Ransomware Attacks

Ransomware attacks show no signs of slowing down. You’ve probably read a lot about them in the news recently, but if you haven’t then know that malicious groups are targeting organisations, gaining access to their data, then encrypting it and asking for payment for the data to be returned.

A concerning fact about this is that ransomware attacks may be on the rise because of the insurance companies that deal with the results of these crimes.

An investigation was recently published by ProRepublica, as they looked into the insurers who handle ransomware incidents and what resolution steps they take on claims. The report states that the insurers are more likely to pay the ransom charges than not – and those charges can go into the hundreds of thousands of dollars.

Paying the ransom charge supposedly gives the company a quicker resolution and hands back access to their data. The longer time is spent without critical data, the longer operations will suffer, which in turn impacts financial intake and damages reputation.

However, ProRepublica claim that insurance companies are fuelling and benefitting ransomware attacks by choosing to pay the ransom. They even found cases where alternative solutions, like restoring from saved backup files, were dismissed in favour of payment.

It might seem like an obvious choice to go for using the backup files if they’re available. However, that process can add up for an insurer, since they then need to pay for things like additional staffing to make the recovery and handle public relations.

This situation occurred in Lake City, where the city had been hit by ransomware. The city’s Mayor, Stephen Witt, said that although there were attempts to recover backup files, he preferred to pay the $10000 insurance deductible and get back to business immediately, rather than spend more money that they didn’t have to recover files.

The trouble is, a successful ransomware attack that takes payment from victims is only fuelling these malicious attackers. If they know they can get payment, they will continue to make the attacks. By paying out, insurance companies fuel further attacks.

Cybersecurity experts and the government advise against paying ransoms. Not only does it fund the crime, but it also has other implications too. Many organisations pay the ransom, but they don’t realise that there might still be malware in the architecture, ready to infect the system again or silently steal data.

Fabian Wosar, the CTRO for virus protection firm Emsisoft, said to ProReplica that the insurance payments are “what’s keeping ransomware alive today. It’s a perverted relationship. They will pay anything, as long as it is cheaper than the loss of revenue they have to cover otherwise.”

So, insurers pay the criminals, and ransomware continues to spread. This is going to cause more organisations to wake up to the threat and be concerned about the integrity of their data – and rightly so. Who will they turn to? Insurers, of course. As such, not only are insurers keeping their costs down by paying the ransom money, therefore fuelling more ransomware, but they are also picking up more business because of it.


No comments yet. Sign in to add the first!