Ransomware Attacks

Over recent years, the cyber insurance industry has seen a dramatic increase in premiums, and the primary driver is the number of ransomware attacks.

Ransomware has different forms:

  1. In the first form, you show up in the office one day and your screens are already black with a threatening message.
  2. In the second form, the threat actor gets into a system and incubates inside it. Once they feel that there is a real vulnerability, they trigger a ransomware attack.

A lot of school systems have unfortunately been hit by this recently. The attackers know to ask for a ransom right before the school year, or when there's a big event coming up, or when some essential activity has to take place. That's when they trigger the ransomware attack, because they're hoping to get paid.

Ransomware attacks, 2020 vs. 2021: we see a huge increase from 2020 to 2021, and with the new data in 2022 it is increasing even more. These attacks are becoming more and more prevalent.

These are the types of attacks where insured businesses can hit the full policy limit in days. They can be extremely expensive and, unfortunately, these criminals at times view themselves as business people. They are definitely criminals, but they are very good at knowing how much ransom to ask for, at working out how they're going to get paid, and at being able to work on the system.

“Unfortunately, cybercriminals view themselves as business people. They are good at asking how much ransom to ask for.”

So the increase in these ransomware attacks, which are covered by good cyber insurance policies, has led to a lot of claims being paid out. That in turn led to the graph where premiums have gone up dramatically, because the companies have to rework the algorithms they use to set premiums based on past claims.

The statistics in the image below are quite frightening; hence, it’s important not just to learn about insurance but to focus on the cyber security that is put into place by individual businesses. 

Why do you need cyber insurance?

The number above, $2.98 million, always looks big to us even though we've seen it over and over again. The average cost of a data breach is almost $3 million.

We've seen quite a few that are not as big, and these are not always going to happen, but there are also some that are a lot larger. That's why $3 million is the average.

Why does a data breach cost almost $3 million?

Ransomware

It’s almost $3 million because when we look at a data breach, it might involve a ransomware element to it, as well as business interruption. 

Business interruption

Business interruption is when normal business activities cannot take place, so there’s a cost associated with that. If a company is down for a month or 6 weeks or slow for 2 months and they can’t perform normal business, that is a real cost out there.

Regulatory concerns

When we look at data breaches, there are a lot of regulatory concerns. Particularly in certain industries, there can be not just fines but also efforts such as having to purchase a personal protection service for the next year for everyone whose data was accessed. That does happen at times.

Call centers or press releases

A call center might need to be set up to notify people. There might also be a need for a press release.

If we look at insurance as a product, why would someone want insurance? And why would someone want cyber insurance as opposed to a general policy? All of these elements that are involved in an attack are covered in a policy. But it's not just the coverage that is important: it's having experts in each of these areas (forensics, negotiation, remediation, public relations) and being able to quickly put together a defensive front in the case of one of these attacks.

Queries

Is it correct to say that the average coverage that a company should look at is 3-4 months of revenue for a breach?

Yes, that is typically what we recommend. That 3-month figure is a good ballpark because it's not just counting the period of the ransom but also the possibility that a forensic investigator will go in. It's really that business interruption piece, where business may be down for an extended period of time.

So, hopefully, it’s not gonna be 3 months but we look at that 3-4 month figure because there might also be legal costs and there might be a ransom itself, a call center, and all these other things in addition to business being slow. So, I think that’s a really smart figure to look at.

Looking at these large average costs, you may think that this is just a problem for Fortune 1000 companies. But in reality, it's small and medium businesses that are facing the majority of these attacks.

Statistics show that 68% of small businesses had a cyber attack in 2021, and 61% of attacks as a whole target small and medium businesses. So this is certainly not an issue just for Fortune 1000 companies, very large corporations, or city and state entities. It is an issue facing the small and medium business community.

“You may think that these might just be a problem of Fortune 1000 companies. But in reality, it’s small and medium businesses that are facing the majority of these attacks.”

The saddest part is the number of bankruptcies and business closures. This is a great reason to explore cyber insurance and how added cyber security steps can help.


by Wayne Roye

Microsoft Strategic Consultant
