What is Ransomware?

One of the biggest concerns for cyber insurers in the rise of ransomware attacks. This is not only in terms of frequency but also the severity. CFC Underwriting have noted that the ransoms demanded have been the largest they have seen going up into the millions.

Hiscox explain in their Cyber Readiness Report 2020 that larger attacks generally have two distinct phases. Following the initial infection the attacker will have access to your systems and be able to assess your valuable assets and set the ransom amount. Then there is the attack itself which will often be at a weekend to limit the scope of the response. There can be a period of about 1- 3 weeks between these phases. If you are able to keep on top of your threat monitoring it is possible you could stop the threat within this time frame meaning there would be less impact to your business.

Hackers techniques are also evolving. Data exfiltration now occurs in nearly 50 percent of ransomware attacks. This means that the data has been stolen in addition to being encrypted for ransom. This could mean even if you pay the ransom your data could still be kept by the cyber criminal and used as additional leverage or sold on the darkweb.

At the more mundane end of the scale there are still a number of attacks which rely on being able to slip past the financial controls of a company. For example, the amount of money that an attacker can make by requesting gift cards was around $1,213 in the first quarter of 2020. This level of attack is not necessarily the choice for co-ordinated groups but for individuals often with limited skill. Ransomware toolkits are available on the darkweb for less than $50.

Make an Enquiry