Rising ransomware demands, a steady stream of fraudulent wire transfers and remote workers operating on less-secure home systems are all scary situations for cyber insurers, according to specialist insurance provider CFC. However, three trends in particular are giving cyber insurers goosebumps this Halloween:
- Knock-on effects of single events
- IT managed service providers (MSPs) are under increasing attack – meaning that hundreds of thousands of businesses that rely on them are seeing increased system downtime, in some cases the loss of sensitive data, and the reputational damage associated with both, CFC said. Hackers are also using MSPs as a staging ground to launch ransomware attacks against the businesses these providers serve.
- Frightening ransomware trends
- This year has seen ransomware cases skyrocket in frequency. It’s also been the year of the most severe attacks cyber insurers have yet seen, CFC said. This is partially because of a new trend in ransomware to exfiltrate data, as well as encrypting it. In those cases, even when a business has the data backed up, if the ransom isn’t paid the organisation will have to deal with regulatory costs and reputational damage stemming from the data’s release.
- Rising cyber insurance claims
- Businesses are ever more reliant on technology to operate – paying suppliers by wire transfer, storing sensitive data online, and now using remote networks for employees working from home due to COVID-19. Losses are now rising against what have historically been low prices and small portfolios for cyber insurers, CFC said.
“All these events are conspiring to make 2020 a hair-raising year when it comes to cyber risk, and as a result the cyber insurance market is entering a period of readjustment,” said Lindsey Nelson, CFC’s cyber development leader. “For an important, but still relatively unsaturated line like cyber, balancing pricing with the willingness of businesses to purchase cover will no doubt be a big challenge in 2021.”