Clear

Hit by a ransomware attack? Here's what to do

A ransomware attack on a single software vendor may have impacted as many as 1,500 businesses around the world, in the latest example of cyber criminals crippling computer systems and demanding millions of dollars to restore them.

Posted: Jul 6, 2021 1:15 PM
Posted By: CNN Wire

(CNN) -- A ransomware attack on a single software vendor may have impacted as many as 1,500 businesses around the world, in the latest example of cyber criminals crippling computer systems and demanding millions of dollars to restore them.

The list of high-profile ransomware attacks grows longer and more alarming by the week, impacting everything from gas pipelines and meat supplies to ferries. Those companies and agencies that get hit must scramble to protect their systems and a tough decision on whether to pay hackers to remove the disruption.

In the face of that situation, affected companies may rush to reach out to their IT teams, police, crisis PR, lawyers and law enforcement. But, frequently, one of the first calls is to their insurance provider.

Companies often purchase specific cyber insurance plans to help protect their systems and cover any losses from a cyberattack. And ransomware, which allows hackers to take over computer systems (or even physical infrastructure) and extract fees running into the millions of dollars to unblock them, has only boosted the demand for that insurance.

But this lifeline may also be getting harder to access for companies because of rising costs, more stringent requirements from insurers and increased scrutiny from the government when foreign hackers are involved.

Growing demand
AIG, one of the world's largest insurers, says it saw a 150% increase in ransom and extortion claims between 2018 and 2020. Ransom demands now account for one in every five cyber insurance claims, the company added.

"Data-intensive companies were the first ... but over the last number of years all types of industries have started purchasing cyber insurance," Tracie Grella, AIG's global head of cyber insurance, told CNN Business. "I think at this point it's certainly clear that all industries are impacted, all have to manage cyber risk."

Depending on the size of the company and what needs to be covered — from security teams and lawyers to potential lawsuits and reimbursement for business losses or even ransom payments — plans can cost anywhere from "a couple hundred dollars ... up to multimillion-dollar programs," Grella said, adding that AIG's clients make ransom payments roughly 50% of the time.

The FBI and cyber security experts recommend against paying ransoms, saying the payments encourage cyber criminals to step up their targeting of businesses and infrastructure.

The average cost of a cyber insurance policy in 2019 was $1,500 a year for $1 million in coverage with a $10,000 deductible, according to Mark Friedlander of the New York-based Insurance Information Institute.

It's getting harder and more expensive
As the frequency and range of targets for ransomware attacks goes up, that cost is increasing. According to an April report from Fitch Ratings, total premiums for cyber insurance coverage clocked in at $2.7 billion in 2020, a 22% increase over the previous year, and is expected to go up further in 2021.

Companies that want cyber insurance are also now subject to much more severe scrutiny of their existing cyber security measures before they can get approved for a plan.

AIG gives prospective clients a list of 25 questions specific to their protections against ransomware, which include details on how often they test employees against email phishing attacks and how long they take to deploy critical security patches (ranging from "within 24 hours" to "more than 7 days").

"Right now ransomware is more prevalent, so we do have a deeper dive, more specific underwriting strategy around ransomware ," Grella said. "If certain controls are not met, we will likely still provide coverage ... but it will be reduced cover."

Some cyber security experts also warn against treating insurance as a catch-all solution, particularly when demand is spiking.

"In some cases organizations are a little too ready to transfer this kind of risk through insurance. They think that that's a real healthy backstop and they can avoid doing some of the other, more painful investments in security," said Mike Hamilton, the chief information security officer at cyber security firm Critical Insight.

And with the US government deciding this week that it will use similar protocols to deal with ransomware attacks as it does with terrorism, particularly those linked to nation-states, Hamilton says insurance providers have a potential avenue to avoid paying out cyber insurance claims. Terrorism insurance is often a separate plan offered to businesses, and rarely covers events that are considered acts of war.

"If insurance companies can call anything a nation-state act or an act of terrorism, they don't have to make good on their policies, and that's going to be a problem," he added.

Who else to contact
With or without a cyber insurance policy, most companies' first line of defense against cyberattacks remains their internal IT department. It's not uncommon for firms to have contracts with external cyber security firms that can deploy incident response teams and cyber ransom negotiators.

But experts say getting law enforcement and government agencies involved early on is also important. The FBI is the main agency in charge of investigating cyber attacks, and provides resources such as the Internet Crime Complaint Center and National Cyber Investigative Joint Task Force where companies can flag incidents.

Other agencies handling cyberattacks include the Department of Homeland Security's National cyber security and Communications Integration Center and the US Computer Emergency Readiness Team. Most of those agencies have online portals to report incidents, and many also provide phone numbers.

"The first thing a company should do is call the federal government," said Andrew Rubin, founder and CEO of cyber security firm Illumio.

"When companies operate in a silo, things get out of hand," he added. "Information sharing between the private and public sectors is critical."

The-CNN-Wire
™ & © 2021 Cable News Network, Inc., a WarnerMedia Company. All rights reserved.

Related Content

Scroll for more content...
Terre Haute
Partly Cloudy
88° wxIcon
Hi: 90° Lo: 70°
Feels Like: 93°
Robinson
Partly Cloudy
88° wxIcon
Hi: 90° Lo: 68°
Feels Like: 93°
Indianapolis
Partly Cloudy
87° wxIcon
Hi: 90° Lo: 71°
Feels Like: 91°
Rockville
Partly Cloudy
86° wxIcon
Hi: 89° Lo: 69°
Feels Like: 94°
Casey
Partly Cloudy
85° wxIcon
Hi: 88° Lo: 70°
Feels Like: 89°
Brazil
Partly Cloudy
88° wxIcon
Hi: 88° Lo: 70°
Feels Like: 93°
Marshall
Partly Cloudy
88° wxIcon
Hi: 89° Lo: 68°
Feels Like: 93°
Sunny, hot, and humid!
WTHI Planner
WTHI Temps
WTHI Radar

Most Popular Stories

Latest Video

Image

Holiday travel coming to an end

Image

Visit Indiana; site ready to help Hoosiers plan summer road trips

Image

Tuesday: Patchy fog, mostly sunny. High: 91

Image

Deming Park Long Weekend Fun

Image

Vigo County is gearing up for their annual county fair

Image

The Clay County Historical Museum has recently opened its doors again

Image

Salvation Army looking to help students in need

Image

Work continues moving along at the new convention center in down-town Terre Haute

Image

Linton residents gather for annual Freedom Festival parade

Image

Monday night: Mostly clear, warmer, light southwest wind. Low: 70°

WTHI Events

 

In Case You Missed It

${article.thumbnail.title}

Trace Adkins: The Way I Wanna Go Tour

${article.thumbnail.title}

SCAM ALERT: Con artists use patriotism to steal money and information

Image

Local officials react to setback in Terre Haute casino process

${article.thumbnail.title}

SCAM ALERT: Avoid phony Amazon calls

${article.thumbnail.title}

SCAM ALERT: Social media influencer ruse

${article.thumbnail.title}

SCAM ALERT: Beware of knock-off car seats

Image

Police make arrests in deadly shooting case

${article.thumbnail.title}

SCAM ALERT: Fake change-of-address websites

${article.thumbnail.title}

SCAM ALERT: Fraudsters claim Apple iCloud breach to steal your info

${article.thumbnail.title}

SCAM ALERT: Schemes target military families

Illinois Coronavirus Cases

(Widget updates once daily at 7 p.m. CT)

Cases: 1392552

Reported Deaths: 25678
CountyCasesDeaths
Cook55717310494
DuPage925951320
Will770811039
Lake684661022
Kane59564811
Winnebago34231514
Madison31180532
McHenry29212297
St. Clair28609519
Peoria23478343
Champaign21163156
Sangamon19165240
McLean18573190
Tazewell17257306
Rock Island15260329
Kankakee14613217
Kendall1331399
LaSalle12802252
Macon11018212
DeKalb10164121
Vermilion10054146
Adams8840127
Williamson7663136
Whiteside7210174
Boone685079
Ogle623684
Grundy599578
Clinton579891
Coles5779101
Knox5666156
Jackson512365
Henry508270
Livingston490892
Woodford486483
Stephenson484286
Macoupin481289
Effingham477474
Franklin455578
Marion4546117
Jefferson4459122
Monroe440594
Lee419754
Randolph417587
Fulton405259
Logan400964
Morgan398383
Christian384475
Montgomery380174
Bureau379485
Fayette322855
Perry320460
Iroquois316168
McDonough295451
Jersey272552
Saline261357
Douglas261036
Lawrence240727
Shelby232938
Union231441
Crawford214525
Bond209124
Cass205027
Ford189250
Clark185233
Warren184849
Pike183753
Jo Daviess183024
Hancock182931
Wayne182253
Carroll178837
Edgar177241
Richland176940
White170726
Washington165125
Moultrie163728
De Witt157529
Mason156045
Piatt152614
Clay150843
Mercer150034
Johnson148216
Greene145734
Wabash138012
Massac136440
Cumberland130419
Menard125712
Jasper116718
Marshall108419
Hamilton84716
Schuyler7837
Brown7526
Pulaski7037
Stark64824
Edwards58412
Calhoun5312
Henderson52914
Scott4921
Putnam4893
Alexander47611
Gallatin4704
Hardin39112
Pope3324
Unassigned612433
Out of IL20

Indiana Coronavirus Cases

(Widget updates once daily at 8 p.m. ET)

Cases: 754724

Reported Deaths: 13863
CountyCasesDeaths
Marion1036101790
Lake562641017
Allen41854693
St. Joseph37046566
Hamilton36732423
Elkhart29478465
Tippecanoe23028229
Vanderburgh22671402
Porter19427327
Johnson18527389
Hendricks17762319
Clark13251196
Madison13226344
Vigo12667254
LaPorte12458222
Monroe12287177
Delaware10993198
Howard10421227
Kosciusko9655123
Hancock8612146
Bartholomew8180157
Warrick7888156
Floyd7840180
Grant7269180
Wayne7177201
Boone7035104
Morgan6791142
Marshall6258116
Dubois6228118
Cass6040110
Dearborn591478
Henry5906111
Noble583289
Jackson509877
Shelby504497
Lawrence4782124
Gibson447995
Clinton446455
Montgomery443491
DeKalb442585
Harrison442275
Whitley407944
Huntington404281
Steuben402359
Miami398169
Jasper391755
Knox379991
Putnam374361
Wabash363083
Ripley348670
Adams345756
Jefferson336586
White334954
Daviess3054100
Wells297181
Decatur290092
Greene288285
Fayette285164
Posey275635
LaGrange273972
Scott270758
Clay269448
Washington246737
Randolph245483
Jennings235449
Spencer234631
Starke228559
Fountain227048
Sullivan215943
Owen213858
Fulton204543
Jay201732
Carroll194222
Orange188855
Perry187337
Vermillion176544
Rush176326
Franklin170535
Tipton167547
Parke150116
Pike138534
Blackford136532
Pulaski120948
Newton117636
Benton106114
Brown104643
Crawford102516
Martin92015
Warren85815
Switzerland8218
Union73110
Ohio58011
Unassigned0424