Should Ransomware payments be banned?
An interesting take. Here's where it gets more interesting. - if ransomware insurance payments (likely prompted by some court judgment) end up bankrupting an underwriter. Think about it, some large incident or series of incidents wipes out an underwriter. Now, that could jeopardize all the homeowner policies against flood or fire, worker's comp, auto policies, etc. You could see a domino effect like the U.S. saw with mortgage-backed securities in 2008. I suspect the underwriting industry has some safeguards so that we don't hit a full collapse, but this should be in the back of our minds. If a cyber insurance policy that was perceived to have a potential payout of $500,000 actually pays out $5 million (because that's what the ransomware gang asks), there are unavoidable ripples.
I think before the payments are banned, the underwriters will walk away from insuring against ransomware. It is just too unpredictable. But if that happens, how long is it until governments step in and with the power of regulation and force the underwriters back into the market?