A new investigation by ProPublica has showcased a growing concern that is encouraging the existing ransomware problem. Insurance providers are preferring to pay ransom demands since it is the least expensive solution for settling claims. A substantial ransom may be required, yet paying the ransom is still less costly than paying for the price of re-establishing systems from nothing and inputting records from backups.
Both the insurance firm and breached company win if the ransom is settled. The insurance company saves funds and since a lot of insurance policies just necessitate payment of a little deductible, the same goes with the breached entity. In addition, they are most likely to get faster access to their records and systems, which saves cash and time by lessening downtime. The hackers to blame for the attack are equally pleased because they gained what they wished for.
This has been undoubtedly proven in the latest attacks where the breached entity did not want to pay up. The attackers responsible for the Atlanta City ransomware attack demanded a ransom of $51,000. The city declined and afterward paid close to $8.5 million to deal with the attack. The Baltimore city likewise refused to pay the attackers $76,000 as ransom and had to pay $5.3 million (plus more).
It is needless to say a disadvantage of paying a ransom. This allows the attackers to have the funds to carry out even more attacks. Paying out hundreds of thousands in ransom demand communicates the thought to other criminals that it is certainly good to conduct attacks. That merely boosts others to join the ransomware bandwagon and get started launching their own ransomware attacks. It is because of this that the FBI is against giving ransom.
The report furthermore shows that, in certain cases, cybercriminals are finding businesses with cyber insurance coverage since there is a greater chance that the firm will give the ransom demand. The report pointed out that one provider of cyber-insurance posted on its website information on a number of of its customers and three of them had ransomware attacks.
Information concerning organizations that have cyber-insurance may likewise be acquired from SEC filings. Ransomware gangs may likewise use that data to identify potential victims.
It is unclear whether organizations are being targeted especially because of having a cyber-insurance policy since there is minimal data to support such statements. A lot more companies are disposing of insurance, though it could just be by chance that insured organizations were attacked.
A lot of ransomware attacks still come about because of not discovering vulnerabilities and fixing the inadequate cybersecurity defenses. What is essential is to have more investment in cybersecurity methods, policies, and processes so that attacks will not likely prosper to start with.