The most recent Verizon annual breach report, the 2018 Data Breach Investigations Report, shows that their prediction in 2013 is coming true: ransomware is the most pervasive malware in use today (see here). Another report found that ransomware accounted for 56% of attacks (see here).
Why is ransomware the criminal tool of choice (see here):
Ransomware is seen as so effective, Verizon says, because it can be attempted with little risk to the attackers, doesn’t require them [to] monetize stolen data and can have a larger impact when deployed against large organizations like corporations or local governments.
The costs are going up and variants are becoming more destructive. A new version of SamSam ransomware uses unknown exploits and targeted attacks to infect numerous computers in a single organization (see here), increasing the impact and the potential value of the ransom demand. Another version of ransomware will delete backup files even if the ransom is paid (see here).
Recent examples include:
Shipping giant Maersk was forced to replace tens of thousands of servers and computers in the aftermath of a ransomware attack last year, and did so in 10 days. Even so, the cyber attack cost the company millions in lost business (see here):
The massive IT undertaking along with business lost due to the almost total shutdown of the company's computer network has cost Maersk between $250 million and $300 million.
A Massachusetts school district recently paid a $10,000 ransom (see here).
The Colorado Department of Transportation was hit with a ransomware attack that brought down 2,000 computers (see here), and the Spartanburg, SC, Public Library system was shut down from a ransomware attack (see here).
Some Cyber Risk Insurance policies do not provide full coverage for ransomware and for other forms of cyber crime. Yet ransomware and cyber crime, such as social engineering fraud, make up a large percentage of all cyber attacks against SMBs. Comprehensive Cyber Risk Insurance is an essential coverage for businesses of all sizes for protection from both criminal attacks and employee error; it should not be optional. Coverages vary widely, and so a thorough review is essential to ensure that comprehensive coverage is in place.
Tennant Risk Services, now a division of Worldwide Facilities, is a specialty wholesale broker and underwriting manager, and delivers expertise, markets and exemplary services to our retail insurance agent clients in the placement of professional liability and specialty insurance (E&O, D&O, EPL, Cyber Risk, Specialty). We excel at hard to place accounts.