Cyber Insurance: Ransomware Extortion on the Rise

Raonsomware Street Sign

Ransomware is a growing plague that has become more sophisticated with innovative methods, and the ransom demands are skyrocketing. Cyber Liability Insurance experts report one million dollar extortion attempts, after attackers were able to encrypt some very important data.

According to experts, the ransomware attacks are only going to increase as expert hackers are using technology such as machine learning and artificial intelligence to develop strong ransomware variants which can easily deceive anti-virus software. In the past, ransomware hackers would simply use RDP brute-force to attack a system, locate its back-ups, encrypt with a variant of ransomware and exit. However the new breed of hackers are not using this simple method. They are now causing more damage by moving laterally within systems. Hackers are now turning off anti-virus systems and creating domain controller accounts to gain complete access to systems.

Cyber criminals are also getting smarter with who they target to extort with ransomware. They are attacking large organizations such as manufacturers, hospitals, schools and government agencies who typically hold sensitive personal information that hackers can use to demand more money. The larger the organization, the higher the ransom fee hackers are demanding. They particularly target large organizations within countries with higher cost of living like the US, UK and Canada.

Small to medium-sized organizations are still a great target from the perspective that they usually have weaker security controls in place so are easier to infiltrate.  Here the cyber criminals work on volume.  Individual ransoms are lower but they target many of these smaller organizations for a good size total payout.

In the event of a ransomware extortion, a Cyber Liability Insurance policy could go as far as providing a lawyer, forensics company, notification provider, PR consultancy and incident-response manager during an attack.  However, experts also warn that having an Cyber Liability Insurance policy might actually make an organization more likely to be targeted.  As a result, high-risk organizations include insurance companies themselves, their brokers, and employees in legal, accounting and C-level positions who are knowledgeable about Cyber Insurance policies.

Here are three effective ways to protect your network against ransomware infections:

  • Use a rock-solid backup solution, ideally with hourly snapshots that are easy to roll back.  Be sure to back up locally and to the cloud.
  • Religiously patch all operating systems and all third party apps.
  • Enroll all employees in new-school security awareness training with frequent phishing tests.  This is essential in protecting your network, as cyber risk managers worldwide agree that people are the weakest link when it comes to an organization’s exposure to hackers.

Cyber security is  a fast-growing concern.  If you have worries about the security of your organization’s computer network, including training to help your employees identify potential cyber attacks, you can get details about what BSC Solutions Group has to offer HERE. 

For more articles like this, subscribe to BSC IT News & Tips: