AGCS warns of “ransomware pandemic”

As countries around the world continue to grapple with the COVID-19 pandemic, another outbreak has taken place in the cyber world, according to Allianz Global Corporate & Specialty (AGCS). The specialty insurer is referring to the digital pandemic driven by ransomware.

Cyber intrusion activity worldwide jumped by 125% in the first half of 2021 compared to the same period in 2020, according to Accenture, with ransomware and extortion operations one of the major contributors behind this increase.

In a new Cyber Insights report, entitled ‘Ransomware trends: Risks and Resilience’ AGCS said

the increasing frequency and severity of ransomware incidents are driven by:

• Growing number of different attack patterns, such as double and triple extortion campaigns;
• Criminal business model around “ransomware as a service” and cryptocurrencies;
• Recent skyrocketing of ransom demands; and
• Rise of supply chain attacks.

Scott Sayce, global head of cyber at AGCS, said not all attacks are targeted as cyber criminals often adopt a scattergun approach to exploit those businesses that are not addressing or understanding the vulnerabilities they may have.

“As insurers, we must continue to work with our clients to help businesses understand the need to strengthen their controls. At the same time, in today's rapidly evolving cyber insurance market, providing emergency response services, as well as financial compensation, is now the standard,” Sayce added.

Read more: Aussie officials: Cyber insurance should not cover ransomware attacks

The cyber risk trends are mirrored in AGCS's claims experience, with the insurer receiving more than a thousand cyber claims overall in 2020, up from about 80 in 2016. Specifically, the number of ransomware claims (90) rose by 50% compared to 2019 (60).

The insurer's claims analysis found that business interruption (BI) and restoration costs are the main drivers behind cyber losses such as ransomware attacks, accounting for over 50% of the value of close to 3,000 insurance industry cyber claims worth around €750 million ($885 million) it has been involved in over six years.

So how can companies protect themselves from the “ransomware pandemic? AGCS suggested focusing on:

• Ransomware identification;
• Business continuity planning or incident response plan;
• Anti-phishing exercises and user awareness training;
• Backups;
• Endpoints;
• Email, web, and office document security;
• Segmentation;
• Monitoring patching and vulnerability management policies; and
• Performing due diligence and risk management activities before mergers and acquisitions.

“In around 80% of ransomware incidents losses could have been avoided if the organizations had followed best practices,” said Rishi Baviskar, global cyber experts leader at AGCS Risk Consulting.  “Regular patching, multi-factor authentication, as well as information security and awareness training and incident response planning are essential to avoiding ransomware attacks and also constitute good cyber hygiene.

“If companies adhere to best practice recommendations there is a good chance that they will not become ransomware victims. Numerous security gaps can be closed, often with simple measures.”