When malware holds a victim's data for a hefty price, it's called ransomware. Even a simple action, such as an employee clicking on an infected link, downloading malicious software, or forgetting to complete the newest browser update, can trigger this type of attack.
Hackers use these actions and vulnerabilities to access an organization's sensitive files, documents, photos, customer data, and financial information. Then they hold this data until the company pays the ransom. If an organization cannot or will not pay the hacker's asking price, which can run into the hundreds or thousands of dollars, it risks losing its data or having it released to the public.
Unfortunately, ransomware is on the rise, hitting more than a third of surveyed organizations already this year. These organizations span several industries, from hospitals and businesses to schools and local governments. According to a recent report by IT security company Sophos, titled "The State of Ransomware 2021," more than a third of the 5,400 organizations surveyed said they experienced a ransomware attack this year. Cyber attacks were up 400% in 2020. Payment demands were higher than ever, topping $300,000 on average, a 171% increase from the previous year.
Ransomware hackers usually target organizations that rely heavily on private and confidential consumer data, so it makes sense for the insurance industry to stay on guard. Recent large-scale attacks are a constant reminder that insurance providers need to be extremely diligent about cyber protection.
The threat against the insurance industry became crystal clear in March 2021, when a significant ransomware attack hit one of the largest insurance companies in the United States. After an unsuspecting employee downloaded a malicious browser update through a legitimate website, cybercriminals gained access to the company's data, disabled monitoring and security tools, and turned off backups.
Over several weeks, hackers copied sensitive data, including names, addresses, Social Security numbers, and medical information, to a separate location and locked down the insurer's systems.
This attack resulted in what we believe to be the highest payment disclosed to date — a loss of 40 million dollars.
The rise in ransomware has also increased pressure on the insurance industry that underwrites policies for these specific crimes. To protect themselves from cyber and ransomware attacks, companies purchase cyber insurance. According to the Cybersecurity & Infrastructure Security Agency, cyber insurance coverage protects organizations against a wide range of losses.
Also, these policies' coverage extends to costs "arising from data destruction and/or theft, extortion demands, hacking, denial of service attacks, crisis management activity related to data breaches, and legal claims for defamation, fraud, and privacy violations."
Not only have cyber insurance firms been paying large sums in coverage payouts, but they've also become the latest targets themselves. Cybercriminals started hacking these insurance providers to gain access to their systems to find out how much coverage companies have and how much they're likely to pay in ransom. This insight gives hackers an advantage in negotiating ransom payments; they can capture client identities and the scope of their coverage for later attacks.
The Insurance Journal reported in July that cyber insurance payouts now exceed 70% of premiums—the breaking point for industry profitability.
The ripple effects of ransomware costs
Already, the increasing attacks are driving up costs for insurers and their clients alike. A U.S. Government Accountability Office survey revealed that half of the insurance buyers paid between 10% and 30% more for coverage. And some companies have seen premiums rise by as much as 50%.
As insurer profits evaporate and premiums increase, some providers are looking for ways to change their business models. In some cases, they partner with cybersecurity firms to reinforce their clients' protection against attacks to drive down claims.
Prevention is far less costly than remediation for cyber insurance company clients.
IT security company Sophos estimates that even mid-sized companies are paying an average of $170,404 in ransom. But, with a total cost of $1.85 million per attack for lost time, productivity, and business opportunities, it's safer to avoid vulnerabilities altogether.
The very nature of insurance organizations, financially backing highly valued assets, makes them vulnerable to ransomware attacks. Without direct access to customers' sensitive information, insurance organizations won't be able to operate. Here's how to help protect your insurance organization's data:
1. Implement company-wide education programs
2. Be diligent about regular security updates (It's not just building locks anymore)
3. Use active archiving to back up data
4. Keep a golden copy offline
5. Delegate your data protection to professionals
Ensuring the security of your data backups can go a long way toward neutralizing ransomware threats. And, state-of-the-art archiving prevents attackers from infecting the backup data you'll need to rely on to recover from a breach.
Iron Cloud Secure Offline Storage (SOS) offers cost-effective protection from cyber threats through an air-gapped or offline storage system. You can further protect your data with Vault Lock capabilities, which enable multi-factor authentication.
Ransomware attacks in the insurance industry are increasing in both frequency and cost. Still, good storage and backup practices can substantially reduce the risk.