قالب وردپرس درنا توس
Home / Insurance / Ransomware Update: The Evolving Threat

Ransomware Update: The Evolving Threat



  Ransomware update The increase in ransomware may reach crisis levels. Cyber ​​insurance premiums are expected to rise between 20% and 50% by 2021, according to Business Insurance, and this increase is largely the result of ransomware. Attacks have increased in both frequency and severity, and it seems that no one is safe.

Responding to ransomware attacks becomes more difficult

According to Infosecurity Magazine, a new report found that the average ransomware payment increased from $ 115,123 in 2019 to $ 312,493 in 2020. The largest ransomware payment also increased significantly, from $ 5 million to $ 10 million.

Faced with these incredible demands, many companies may not want to pay. That's actually what the FBI is all about. The FBI says paying a ransom does not guarantee the files will be returned, and it may encourage future attacks, so it's better not to pay.

Unfortunately, even if you do not pay, a ransomware incident can be costly due to the digital forensic investigations, data breach reporting requirements, business interruptions and other losses. Infosecurity Magazine says that victims who have chosen not to pay have ended up with losses of more than $ 60 million.

If you rely on backups, make sure they are actually secure. According to ZDNet, many ransomware victims have learned the hard way that backed up files can also be infected. ZDNet also warns that "double blackmail" is a growing problem. Instead of simply encrypting files and demanding payment for the decryption key, many cybercriminals are now threatening to sell stolen data. If the victims want to avoid having their data leaked, they may feel that they have no choice but to pay. Of course, even this does not guarantee that data will be secure. You have to take the IT criminal's word for it.

New regulations may come

Organizations that have been affected by a ransomware or other cyberattack must already comply with state data breaches. In the future, they may also need to comply with new laws on payment notification for ransomware. According to TechCrunch, a new US bill, the Ransom Disclosure Act, would require companies to disclose payments for ransomware.

Some people would rather go further and make ransomware payments illegal. According to ComputerWeekly, 79% of cyber professionals would support making ransom payments illegal. At the same time, the Ministry of Finance says that companies that facilitate ransomware payments may risk violating OFAC regulations.

Attacks become more sophisticated – but the basics remain important

There has been a lot of talk about how cyber attacks have become more sophisticated. This is true. Cybercriminals are always working on new strategies, so organizations must be one step ahead with their cyber security efforts.

At the same time, the foundations of cybersecurity are still crucial. ZDNet has warned that many organizations have failed to correct vulnerabilities that have been known for years, and cybercriminals continue to exploit them.

Organizations must do everything in their power to protect themselves against this growing threat.

  • Install any security updates and patches now.
  • Review CISA's best practices for cybersecurity.
  • Create a ransomware incident plan.
  • Expect to speed up the next time your cyber policy is renewed.
  • Consider adopting multi-factor authentication protocols- in fact, some cyber insurance companies now require this as a condition of insurance guarantee.

Cyber ​​insurance

Cyber ​​insurance companies have been flooded with damage and as a result the coverage conditions become tighter and the insurances become stricter. Be sure to sit down with your agent and review your insurance in detail so you understand how your coverage will work in the event of an attack.

If you have questions or need commercial insurance guidance, contact BNC Insurance.


Source link