Connect with us

Technology

Ransomware’s revival

Ransomware’s revival

By Jan van Vliet, VP EMEA, Digital Guardian
In spite of organisations’ efforts to double down on cyber security efforts, it seems that ransomware is making a comeback. Last year, financial services firms reported 819 cyber incidents to the Financial Conduct Authority (FCA), a significant increase on the 69 incidents reported the year before. Ransomware was named as the second most prolific type of attack and its resurgence is proving to be an ongoing and serious security challenge for financial institutions.

In late December 2019 currency exchange bureau Travelex became the target of a ransomware attack which disrupted services for many UK bank customers including RBS, Sainsbury’s Bank, First Direct, Virgin Money, and Barclays.  Despite paying a $2.3 million ransom in Bitcoin, the company’s long-term survival is still in question.

As ransomware continues to cause havoc, more and more organisations are taking the advice of their cyber insurance provider and paying the ransom.  Why? Because in many cases paying the ransom is much cheaper than trying to recover the lost data through other means.

What’s insurance got to do with?

Jan van Vliet

Jan van Vliet

Cybercriminals are becoming commercially smarter and much more ambitious. Alongside encrypting data, they’re also stealing it and threatening to release it on the Internet – thereby exposing organisations to significant regulatory, financial and reputational loss. Little wonder then that more and more organisations are resorting to cyber insurance in a bid to mitigate and protect against business losses.

But that, as it turns out, is contributing to a proliferation of ransomware. In many cases, organisations find that paying the ransom is a much cheaper option than trying to recover lost data – or dealing with the service interruptions that result during the recovery of backup files. The more ransomware victims use insurers to pay ransoms, the more criminals are encouraged to carry out ransomware attacks.

It’s the law of unintended consequences that’s proving to be both profitable and rewarding for hackers – while motivating a growing number of businesses and government agencies to purchase insurance policies.

Money talks
With the global market for cyber insurance set to be £11 billion by 2022, according to RBC Capital Markets, it appears that cybercriminals aren’t unaware of the fact that when organisations conduct a cost-benefit analysis they often determine that paying a ransom demand and claiming on their insurance policy is preferable to rebuilding systems from scratch. Even if they have backups in place – because it can take up to a month or more to recover a full cloud backup.

What’s more, organisations are paying off cyber criminals with the full agreement of their insurers, for whom paying the ransom is cheaper than footing the bill for recovering the data themselves. Let’s take a look at the economics of how this works.

Last year, the municipal government for Lake City in Florida paid a ransom of around £350,000 via its insurance policy; the government itself was only liable for £7,500 policy excess, while its insurance firm Beazley paid the balance of the ransom. The decision was made on Beazley’s recommendation, because the prolonged recovery from data backups would have run into millions of dollars.

The pragmatism of the decisions taken are difficult to dispute; paying the ransom saved both the government and its insurance firm a significant amount of money, while ensuring the government could get back to work faster.

By contrast, when the city of Atlanta refused to pay a £42,000 ransomware demand it estimated that the costs associated with responding to the attack and recovering files was in the region of £6.8 million dollars.

Payment fuels demand
Emboldened by the knowledge that more organisations are resorting to insurance cover, cybercriminals are upping their game and demanding ever-higher sums. This should serve as a signal warning for enterprises, because recent estimates suggest that the average ransom payment currently stands at around £27,000 – representing a six-fold increase in the last 12 months alone.

While insurance companies will ultimately pay the price in the short term, the cost of cyber insurance is certain to keep escalating. What’s more, it appears that criminals are actively targeting organisations that they know have a cyber insurance policy in place.

Until businesses invest in better security systems of their own, or faster and more reliable data recovery technology becomes available, the current escalation of ransomware attacks looks set to continue for some time to come. For organisations that don’t want to find themselves negotiating with hackers – who may well be using payments to fund terrorism or organised crime – prevention as a first priority must be a better path to follow.

Editorial & Advertiser disclosure
Our website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.
Global Banking and Finance Review Awards Nominations 2021
2021 Awards now open. Click Here to Nominate

Recommended

Newsletters with Secrets & Analysis. Subscribe Now