The world’s largest ransomware attack encrypted the data of thousands of computers globally over the weekend and will inevitably drive demand for cyber insurance, according to Greg Markell, CEO of cyber at MGA
Ridge Canada.
The extortion hack hit an Oshawa hospital, in Lakeridge Health, but it reported that its cyber security system successfully shielded the ransomware.
Other institutions around the world, however, weren’t so lucky.
In Russia, thousands of interior ministry computers were compromised, 48 of the UK’s National Health Service organizations were affected, FedEx in the US was hit and French carmaker Renault shut down some of its factories.
A security expert told
CBC News that “a number” of Canadian organizations had been hit but were staying quiet.
“One of the things it [the attack] will certainly do is point to shortcomings in existing insurance programs, which will invariably get people to ask ‘Where can I get this covered?’” Markell said.
“You’re starting to see full, absolute data exclusion on property liability policies. Other forms of coverage that you look at, they have some extensions of cyber to them - but by no means are those fully robust, stand-alone options that would give you the limit adequacy that you would need to deal with one of these situations.”
Much of what cyber insurance covers is intangible losses like reputation or digital data along with supplying expert decryption and legal experts, something a P&L policy doesn’t provide.
“This attack was very sophisticated,” Markell said. “You’ve got one of the first examples of a ransomware worm out there. It completely proliferates as it goes. Typically ransomware comes in blanket-related attacks that just prey on someone, who may not know any better, to click on a link, which launches the encryption.
“Ransomware is the easiest way to monetize cybercrime because there seems to be so few consequences, because a lot of the times it’s coming from another part of the world. It’s a faceless crime. However, we’re hearing about some of these organized crime syndicates setting up helplines to help walk people through what to do to get their data back. So you even have criminals setting up customer service lines to extort you.”
As the complexity and possible likelihood of attacks increases, Markell said brokers should speak with their clients about if they have enough coverage.
“With the extensions of coverage that you find some of the property and liability policies, I think it’s very worthwhile having the discussion with your client: is this limit enough? Is this adequate?” he said. “While the ransomware demands are relatively small, the implications associated with cleaning up the mess can potentially take you a while.”
Related stories:
Allianz specialty unit announces new North American appointments
AXIS Capital Holdings announces new CFO