Insurance companies around the world are concerned that ransomware-based cyberattacks are on the rise, and that they stand to lose more as hackers step up their efforts to demand bigger ransoms from their victims.
Hackers have grown bolder over the past year, cybersecurity experts have noted; the experts also found that hackers have moved on from targeting individuals and small operations, and have now set their sights on larger companies that they know can afford larger ransoms.
This method of going after larger companies, known as “big game hunting” in the cybersecurity industry, has hurt cyber insurers – particularly those which offer cyber coverage to mid-sized companies.
“They’re large enough to be worth extorting but not large enough to have sufficient network protections to defeat the ransomware,” explained Sompo International global cyber product leader Brad Gow.
Gow told Reuters that Sompo has been handling a rash of claims related to the “RyuK” ransomware. Victims of the Ryuk malware are typically companies with annual revenue from US$500 million to US$1 billion.
As the ransom amount from these cyberattacks increase, so does their frequency. A report from Malwarebytes found that businesses detected 365% more ransomware attacks in the second quarter this year than they did for the same period the year before. Another report by Coveware stated that the average ransom amount has nearly tripled, from US$12,762 to US$36,295, between the first and second quarters of this year.
Experts believe the ransomware attacks are launched either by organised gangs in Russia and Eastern Europe, or by state-sponsored hackers. The latter can be particularly problematic, as some insurers have exclusions in their cyber policies that avoid covering state-sponsored cyberattacks.
Several insurers have come forward to Reuters to discuss the impact of ransomware attacks on their clients. While the companies confirmed that such cyberattacks have accelerated in recent times, they each declined to reveal how much they paid in total claims.
Beazley expects to tackle double –or even triple – the number of ransomware incidents in 2019 as it did in 2018. This includes another 800 claims by year-end. The Lloyd’s insurer also noted that ransomware incidents it reported during the third quarter saw a 37% year-over-year increase.
Chubb, meanwhile, revealed that in the first half of this year it handled the same total number of ransomware incidents as it did for all of 2018.
FM Global – which does not pay for ransoms – has confirmed that the average Ryuk ransomware attack claim from large companies is about US$2 million. For smaller companies, the claims are usually between US$150,000 and US$250,000.