Ransomware attacks are coming out of our ears, just lately. CNC in the USA was hit with a 40 Million USD demand, which they paid despite best advice not to do so.
Now we have a UK Doncaster Insurance broker hit with demands:
Who pays the piper? Corporations depend on Cyber insurance companies during times of great stress, e.g. cyber attacks, but what happens if the insurance company folds, because of an attack on themselves?
Is this the next trend, hit the insurance companies, whilst leaving organisations to fend for themselves?
Unless they were accidently targeted, I don't understand why they would bite the hand that feeds them? Hypothetically, I would steal the insurance carrier's data (Customer list) but not encrypt their systems. I don't want them to know I was even there. I would then target the insurance carrier's customers because I know they have cyber insurance and are more likely to pay the ransom. Targeting insurance carriers with ransomware doesn't make sense for their business model IMHO.
@tmekelburg1 Agreed, unless the criminals see their feed trough coming to an end. If a growing consensus is to stop paying the ransoms or if the insurance company would go bankrupt if they had to all of a sudden payout on a bunch of claims, then it might make sense to go after the insurance company before they go broke. I was in night school years ago with an insurance agent in the US. He told me that, after a particularly devastating hurricane had made landfall, that if the hurricane would have made landfall 50 miles west of where it did, that it would have bankrupted all of the insurance companies in the US except for two companies who only wrote policies up and down the Mississippi river. If the criminals feel that their future money supply is about to dry up, then they might have gone after the place where the money was "stored".
Another thought is for the criminals to go after the so called "protectors" of the victims of ransomware. "Think the insurance companies can save you? We just took their money." It is a psychological attack to make it feel like trying to have protection is worthless so don't resist paying us because no one can save you. Just like criminal mobster gangs used to infiltrate police departments. You call the cops when the mob threatens you and the protectors turn on you. You feel helpless and pay up.
This of course assumes that your cyber insurance will pay out and that the insurance company won't find a reason not to pay.
Agreed, unless the criminals see their feed trough coming to an end.
Maybe but I'd change up tactics and target the insurance carries who don't pay if that was the case. You definitely couldn't abuse it by targeting all of their customers in succession but there could be a rotation setup to prevent this.