Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion
‎05-25-2021 11:35 PM
‎05-25-2021 11:35 PM

Are cybersecurity insurance companies the next victims?

Hi All

 

Ransomware attacks are coming out of our ears, just lately.   CNC in the USA was hit with a 40 Million USD demand, which they paid despite best advice not to do so.  

 

Now we have a UK Doncaster Insurance broker hit with demands:

 

https://www.insurancetimes.co.uk/news/doncaster-based-broker-faces-15m-ransomware-attack/1437560.art...

 

Who pays the piper?  Corporations depend on Cyber insurance companies during times of great stress, e.g. cyber attacks, but what happens if the insurance company folds, because of an attack on themselves?

 

Is this the next trend, hit the insurance companies, whilst leaving organisations to fend for themselves?

 

Regards

 

Caute_cautim

Reply
0 Kudos
4 Replies
tmekelburg1
Community Champion
‎05-26-2021 08:51 AM
‎05-26-2021 08:51 AM

Unless they were accidently targeted, I don't understand why they would bite the hand that feeds them? Hypothetically, I would steal the insurance carrier's data (Customer list) but not encrypt their systems. I don't want them to know I was even there. I would then target the insurance carrier's customers because I know they have cyber insurance and are more likely to pay the ransom. Targeting insurance carriers with ransomware doesn't make sense for their business model IMHO. 

Reply
0 Kudos
CISOScott
Community Champion
‎05-26-2021 09:12 AM
‎05-26-2021 09:12 AM

@tmekelburg1 Agreed, unless the criminals see their feed trough coming to an end. If a growing consensus is to stop paying the ransoms or if the insurance company would go bankrupt if they had to all of a sudden payout on a bunch of claims, then it might make sense to go after the insurance company before they go broke. I was in night school years ago with an insurance agent in the US. He told me that, after a particularly devastating hurricane had made landfall, that if the hurricane would have made landfall 50 miles west of where it did, that it would have bankrupted all of the insurance companies in the US except for two companies who only wrote policies up and down the Mississippi river. If the criminals feel that their future money supply is about to dry up, then they might have gone after the place where the money was "stored".

 

Another thought is for the criminals to go after the so called "protectors" of the victims of ransomware. "Think the insurance companies can save you? We just took their money." It is a psychological attack to make it feel like trying to have protection is worthless so don't resist paying us because no one can save you. Just like criminal mobster gangs used to infiltrate police departments. You call the cops when the mob threatens you and the protectors turn on you. You feel helpless and pay up.

Reply
0 Kudos
Steve-Wilme
Advocate II
‎05-26-2021 09:38 AM
‎05-26-2021 09:38 AM

This of course assumes that your cyber insurance will pay out and that the insurance company won't find a reason not to pay.  

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS
Reply
0 Kudos
tmekelburg1
Community Champion
‎05-26-2021 10:12 AM
‎05-26-2021 10:12 AM

@CISOScott wrote:

Agreed, unless the criminals see their feed trough coming to an end.

Maybe but I'd change up tactics and target the insurance carries who don't pay if that was the case. You definitely couldn't abuse it by targeting all of their customers in succession but there could be a rotation setup to prevent this.

Reply
0 Kudos