Cyber Insurance Rates Increasing as Ransomware Claim Costs Have Increased
Cyber insurance rates are ramping up and could increase by as much as 25% this year due to a surge of costly claims caused by hackers and the malicious ransomware programs they use to take down big and small systems that control everything from hospital billing to manufacturing.
“Ransomware” is the common name for a growing viral risk that takes over computers and servers – they stop only when the hackers receive increasingly hefty payments.
Though 2019 saw fewer attacks than the previous year, cybersecurity experts say the problem is significant, and worrisome because the ransomware is getting more sophisticated. Attacks are now designed to spur deeper and more lasting technological problems, and hackers are demanding bigger and bigger sums of money.
Hackers are more frequently attacking mid-size and smaller companies that are less technologically adept and can be stressed by the ballooning ransoms. The average ransom of $41,000 during the 2019 third quarter was three times the ransom at the beginning of the year, according to Coveware, a ransomware recovery service.
- Ransomware crippled the foreign-exchange firm Travelex Ltd. for weeks, leaving staff to serve customers with pen and paper. Hackers demanded 46-million! Travelex declined to comment.
- Albany County’s Airport Authority computers were paralyzed by an attack and paid nearly $100,000 in Bitcoin to get their system unlocked. Their insurer covered the ransom.
Cyber-insurance premiums started rising 5% to 25% late last year. The dramatic rise so far has not caused insurers to scale back coverage because cyber policies usually cover more than ransom: data recovery, legal liabilities, and negotiators fluent in hackers’ native languages.
Some carriers are reportedly looking into price adjustments, and are considering developing ransomware policies separate from general cyber coverage.
The bottom line? What are you doing to protect your business from a ransom attack? What procedures are being put in place to minimize the risk of a potential attack? Most important, is your company insured properly – if at all – in the event of a ransom attack?
It would be great to meet with you and discuss what we can do to help. Please, call or email me to get started.