Insurance companies have reportedly halved the coverage they provide to customers in the event of a ransomware attack.
Quoting anonymous industry sources, Reuters says that the situation is so dire that Lloyd's of London, which controls around a fifth of the global cyber market, has discouraged its 100-odd syndicate members from taking on cyber business next year.
Although Lloyd’s declined to comment to Reuters, cybersecurity experts tell TechRadar Pro that insurance coverage has invariably led to an increase in the number of ransomware attacks.
We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.
“Ransomware payouts are out of control and insurance is one of the driving factors behind this new phase of attacking companies. When payments are made, the ransomware business cycle continues and even ramps up, meaning more companies will inevitably be attacked,” explains Jake Moore, cybersecurity specialist at ESET.
But will it help?
Cybersecurity firm Coveware has gone as far as to liken the 90%-plus profit margin from ransomware attacks in 2021 to the gains made by the Colombian cocaine cartels of the early 1990s.
The cyber insurance sector is reportedly rattled by the sharp increase in ransomware campaigns thanks to an increase in the number of attacks due to the pandemic-induced remote working environment.
Unlike the indiscriminate mode of attack used earlier, modern day attacks have become a lot more targeted, with the attackers reportedly carefully scouting their targets. And one of the aspects they screen for is a targets’ cyber insurance cover.
The increase in ransomware attacks and the growing sophistication of attackers has made insurers wary. The increased attacks translate into hefty payouts, which has had a negative impact on the bottom lines of the insurance companies, according to insurance broker Aon.
“With insurance payouts halving, this may indicate the start of a possible slowdown [of ransomware attacks]. However, this may just mean demands double,” opines Moore.
He uses the opportunity to remind businesses of the age-old mantra ‘prevention is better than cure,’ asking them to adhere to better procedures in protection of their assets, irrespective of the reduction in coverage by the cyber insurance sector.