If it feels like you’re hearing more stories about ransomware attacks in the news lately… well, there’s a good reason for that.
“I’m getting calls all the time from companies that have been hacked or been subjected to blackmail,” Robin Cohen said from her New York City office. “My practice has probably increased tenfold on this issue in the last two years. I used to see it once in a while, but now I see it quite a bit.”
Cohen is a partner at Cohen Ziffer Frenchman & McKenna LLP, a law firm that represents policyholders in insurance cases. While cyber security issues make up just one part of her firm’s caseload, she notes it’s a fast-growing area for them, and more often they are being asked by companies to audit cyber policies and review their cyber coverage before ransomware attacks happen to them.
As for why people make these attacks on corporate systems, she doesn’t believe there’s any great mystery.
“You know that expression, when they say it’s not about the money, it’s about the money? I think it’s about the money,” she said. “I think at the end of the day the more profitable this sort of situation is, the more you’re going to attract people into the field.”
Ransomware attacks typically involve someone gaining access to a computer system for the purpose of either stealing data or blocking a legitimate user’s access to it. The “ransom” part comes in when the hacker threatens to either publish the victim’s data or hold it hostage until the victim pays a ransom to regain access.
While examples of ransomware attacks date back to the 1980s, it’s only been in the past decade that a combination of factors has seen these kinds of attacks on companies explode.
Recent high-profile cases involving major entities like Colonial Pipeline and meat producer JBS have brought more mainstream attention to the issue – and to the need for stronger digital security to prevent such attacks.
London-based Lloyd’s said the number of reported ransomware incidents worldwide in the first three quarters of 2020 was nearly 200 million, a number that represents a 40% increase in activity over the previous year – but when only the US is considered, that increase skyrockets to 145%.
Not only is the number of ransomware attacks growing every year, the people who are doing the attacking are also getting more from their victims, with Lloyd’s estimating the average paid loss for a US standalone cyber claim has gone from $140,000 in 2019 to $350,000 in 2020.
Little wonder the firm predicts the global market for cyber insurance to grow from $7.8 billion in 2020 to $20.4 billion by 2025.
“In 2021, we estimate that 20% of cyber premiums will be written at Lloyd’s,” said chief of markets John Tiernan. “This means we’re going to have to do more to increase the market’s capacity for dealing with ever more complicated risks and scenarios. We need to have a better understanding of how the market should function, and how its underwriting claims sophistication needs to grow in order to respond to market changes. It also means we’ll be increasing our oversight and taking more action on cyber at Lloyd’s.”
Taking action is what Cohen recommends as well. Until legislation catches up with the reality of ransomware attacks and governments take the increasing sophistication of these attacks seriously, she said it’s incumbent upon companies to have a plan in place for if and when it happens to them.
“The first thing is you really need to notify your carrier quickly,” she said. “You don’t want to be in a situation where you haven’t notified them and then you have a notice issue. That’s number one.
“Number two, you do want to get your carrier involved in the thought process, about how you’re going to handle it. You need to document your losses in a very clear and methodical way. Typically, the carriers in these cyber cases are pretty cooperative. But that could change over time as these claims get bigger and bigger.”