Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security IT

Ransomware Accounted For 41% of All Cyber Insurance Claims in H1 2020 (zdnet.com) 13

Ransomware incidents accounted for 41% of cyber insurance claims filed in the first half of 2020, according to a report published today by Coalition, one of the largest providers of cyber insurance services in North America. From a report: The high number of claims comes to confirm previous reports from multiple cyber-security firms that ransomware is one of today's most prevalent and destructive threats. "Ransomware doesn't discriminate by industry. We've seen an increase in ransom attacks across almost every industry we serve," Coalition added. "In the first half of 2020 alone, we observed a 260% increase in the frequency of ransomware attacks amongst our policyholders, with the average ransom demand increasing 47%," the company added. Among the most aggressive gangs, the cyber insurer listed Maze and DoppelPaymer, which have recently begun exfiltrating data from hacked networks, and threatening to release data on specialized leak sites, as part of double extortion schemes. Based on cyber insurance claims filed by customers who faced a ransomware attack in the first half of 2020, Coalition said the Maze ransomware gang was the most greedy, with the group requesting ransom demands six times larger than the overall average.
This discussion has been archived. No new comments can be posted.

Ransomware Accounted For 41% of All Cyber Insurance Claims in H1 2020

Comments Filter:
  • If they backup companies - drives, clouds, services, whatever ...- were on the job, they'd have their sales guys all over the place.

    Now, just saying the fucking obvious - I am Evident Boy! Cpt. Obvious' side kick! - I would humbly guess that it is a budget issue with these entities or lack of consideration. As with my doctor, he thought that he was immune to cyber-attacks since he was a "small business" . At least that is what he put into his apology letter written by his lawyers, no doubt.

    But since the ge

    • I was about to rant about how any company who does not employee proper transactional backup systems should not be allowed to file claims.

      At my company (multinational science research project), our data is georeplicated to a minimum of 3 locations. We store about 50 exabytes of data on the project I am working on. Each copy is write once.

      All systems, no matter what kind is stored in git and replicated to at least 5 locations. If we suffer a total system loss, we can delete and restore any server in 24 hours
  • by mark-t ( 151149 ) <markt AT nerdflat DOT com> on Thursday September 10, 2020 @02:09PM (#60493222) Journal

    ... really need to stop insuring against damages caused by paying out ransoms

    • by xack ( 5304745 )
      Or at least deny to companies without back up plans and using unsupported operating systems.
    • I am pretty sure if you have a business you'd be the first to want this type of insurance for your business. The business model can work if the insurance companies required their customers to have better security.

      • by mark-t ( 151149 )

        The underlying point of my suggestion was to ideally force companies that want to pay ransoms to do so out of their own pocket, rather than relying on insurance to get them out of a pickle that could have been prevented with even an iota of foresight. This would, by design, make paying ransoms less financially viable, in turn reducing the revenue stream of ransomware authors, lowering the incentive to spread the software in the first place.

        Simply put, if a company has no policy in place to recover from

  • What's an H1? Do you mean Q1? Slashdot editors == /cry

  • If a company will reliably pay ransomware doesn't that just make them more likely to be targeted? Talk about a bad strategy.

    I'm waiting for them to infect the firmware of an insured company's computers and then every couple months they simultaneously perform a ransomware attack to get a steady stream of money from them.

  • by account_deleted ( 4530225 ) on Thursday September 10, 2020 @03:59PM (#60493628)
    Comment removed based on user account deletion
  • How many of the claims were actually paid? Conversely, how many times did the cyber insurance carrier deny the claim?

    I've seen cases where, rather than actually pay on claims, the insurance carrier brings in the services of a remediation company, that is actually a division of the insurance carrier.

    I've yet to see any evidence that cyber insurance isn't just a huge scam. A warning letter and LifeLock Bullshit credit monitoring for all is not an appropriate remedy to breach/ransomware, in my opinion.

  • Could the US DoJ go after the insurance companies for breaking the law (or was it being illegal a myth)? I understand the blind eye that is turned towards ransom being paid for human kidnappings due to the political nightmare, but maybe this is more appropriate for examples to be made.
  • Make it a felony in all 50 states to pay ransoms. The end. No more ransomware attempts because it will have a 0% success rate. What's the rationale behind it? What group of people are you funding? Criminals? Foreign hacking actors? Terrorists? Some group of extremists? North Koreans? It absolutely should be illegal to pay ransoms!!!

How many QA engineers does it take to screw in a lightbulb? 3: 1 to screw it in and 2 to say "I told you so" when it doesn't work.

Working...