Ransomware is proliferating across America, disabling computer systems of corporations, city governments, schools and police departments. Recently, attackers seeking millions of dollars encrypted the files of 22 Texas municipalities. Overlooked in the ransomware spree is the role of an industry that is both fueling and benefiting from it: insurance.
The FBI and security researchers say paying ransoms contributes to the profitability and spread of cybercrime and in some cases may ultimately be funding terrorist regimes. But for insurers, it makes financial sense, industry insiders said. It holds down claim costs by avoiding expenses such as covering lost revenue from snarled services and ongoing fees for consultants aiding in data recovery. And, by rewarding hackers, it encourages more ransomware attacks, which in turn frighten more businesses and government agencies into buying policies.
“The onus isn’t on the insurance company to stop the criminal, that’s not their mission. Their objective is to help you get back to business. But it does beg the question, when you pay out to these criminals, what happens in the future?” said Loretta Worters, spokeswoman for the Insurance Information Institute, a nonprofit industry group based in New York.
A spokesperson for Lloyd’s, which underwrites about one-third of the global cyber-insurance market, said that coverage is designed to mitigate losses and protect against future attacks, and that victims decide whether to pay ransoms. . “A decision whether to pay a ransom will fall to the company or individual that has been attacked.”
Fabian Wosar, chief technology officer for anti-virus provider Emsisoft, said he recently consulted for one U.S. corporation that was attacked by ransomware. After it was determined that restoring files from backups would take weeks, the company’s insurer pressured it to pay the ransom, he said. The insurer wanted to avoid having to reimburse the victim for revenues lost as a result of service interruptions during recovery of backup files, as its coverage required.
“Paying the ransom was a lot cheaper for the insurer,” he said. “Cyber insurance is what’s keeping ransomware alive today. It’s a perverted relationship. They will pay anything, as long as it is cheaper than the loss of revenue they have to cover otherwise.”
Here is the full article from probublica