Ransomware Threatens Companies

According to a study by Allianz subsidiary “Allianz Global Coporate & Specialty” (AGCS), companies can expect ransomware to cause $30 billion in damages worldwide by the end of the year. According to AGCS, the value of insurance claims from such attacks accounted for more than half of all cyber insurance claims in which the company was involved with other insurers. As a result, many insurers have taken steps to mitigate losses. These include, for example, increasing insurance premiums and adjusting policies – many customers will have to expect a higher excess in the future.

Number of successful extortion attempts declines

It is true that the number of ransomware attacks has decreased in the first half of 2022. But despite this downward trend, companies are complaining about a significant increase in ransomware. There is, however, encouraging news: According to a study by U.S. cryptocurrency specialist “Chainalysis”, the number of successful extortion attacks dropped by 40 percent worldwide last year. This development gives hope that fewer companies will respond to ransomware demands.

“Until now, some companies chose the quickest and easiest way: they paid demands to get their encrypted data back, for example,” explains Ralf Baumann of Veritas Technologies. “In doing so, however, they thought that their insurance would cover the financial damage. This will be less the case in the future since there has been a shift of mindset in the industry.”

In response to past cyber losses, many insurers have already massively increased their prices. They are also examining the current security structures of those companies that want to be insured by them. The outcome of this examination determines whether these companies are allowed to purchase a policy. In Germany, for example, the Allianz subsidiary alone rejects three-quarters of all inquiries for this reason. And in France, the insurance company AXA has not reimbursed any damage from ransomware payments at all since May 2021.

Higher excesses

Companies should no longer rely solely on financial support from insurance companies. From now on, they must expect a higher deductible – or even a complete refusal to pay by the insurance company. It is therefore advisable to plan prudently in advance and set up effective processes. Ideally, companies will recognize such an attack as quickly as possible and can then take the right steps to minimize the damage. “All data should be seamlessly secured with a data protection solution from the edge to central data centers to the cloud,” Baumann said. “Likewise, an efficient and automated backup and recovery plan is important to get back up and running quickly after an attack.”

The first hour in particular is critical after a successful attack. During this time, it is important to isolate the infected systems from the network in a timely manner to prevent further spread. However, it is equally important to determine the cause of the attack. When it comes to defensive measures, it is primarily the employees who can help as information carriers to contain a successful attack. In addition, however, common defense systems for the protection, management, backup and recovery of data should also form an integral part of the security structure in the company.