Slashdot Mirror


Ransomware Insurance Is Coming (onthewire.io)

Trailrunner7 quotes a report from On the Wire: As bad as the ransomware problem is right now -- and it's plenty bad -- we're likely only at the beginning of what could become a crisis, experts say. "Lots of people are being infected and lots of people are paying. The bottom line is it's getting worse and it's going to continue to do so," Jeremiah Grossman, chief of security strategy at SentinelOne, said during a talk on the ransomware epidemic at the RSA Conference here Monday. "Seven-figure ransoms have already been paid. When you're out of business, you'll pay whatever you have to in order to stay in business. You're dealing with an active, sentient adversary." The ransomware market seems to be headed in the same direction as real-world kidnapping, where high-profile targets take out insurance policies to pay ransoms. Grossman said it probably won't be long before the insurance companies latch onto the ransomware game, too. "The insurance companies are going to see a large profit potential in this. Kidnapping and ransom insurance is still very boutique. This economic model will probably apply equally well to ransomware," he said. According to The FindLaw Corporate Counsel Blog, "Ransomware attacks fall under your cyber insurance policy's 'cyber extortion' coverage and can generally be considered 'first-party' or 'third-party' coverage, according to Christine Marciano, president of Cyber Data Risk Managers. Third-party coverage would likely leave a company uninsured when they are the victims of a ransomware attack. Even if your insurance policy covers ransomware attacks made against your company, the deductible may be so high that the company will be stuck paying any ransomware demands out of pocket (should the company decide to pay to decrypt its data). And your coverage may be sub-limited to relatively small amounts, according to Kevin Kalinich, the global cyber risk practice leader for Aon Risk Solutions. A $10 million policy may only provide $500,000 for cyber extortion claims, he explains."

17 of 86 comments

  1. Fool-proof insurance policy by WaffleMonster · · Score: 4, Informative

    BACKUP YOUR SHIT

    1. Re:Fool-proof insurance policy by Xenographic · · Score: 2

      You'd think that good backups would be better insurance, but far too many firms simply don't have good backups. Or worse, they think they have backups and they've never really tested the restore process and wait for an emergency to find out it doesn't actually work...

    2. Re:Fool-proof insurance policy by PolygamousRanchKid · · Score: 2

      "Nothing can be made fool-proof, because fools are so ingenious."

      --
      Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
    3. Re:Fool-proof insurance policy by networkBoy · · Score: 2

      Or the backups are good and tested, but are on-line disk backups and also get encrypted...

      --
      whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
    4. Re:Fool-proof insurance policy by taustin · · Score: 3, Insightful

      In my professional opinion, that would not qualify as a good backup.

    5. Re:Fool-proof insurance policy by FatdogHaiku · · Score: 2

      My take on that is:
      "Nothing can be made fool-proof, because fools are so ubiquitous."

      --
      You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
  2. Re:Ransomware Insurance Is Coming... by Mr D from 63 · · Score: 2

    And then next step is ransomware insurance fraud.

  3. Re: Don't run Windows. by jcr · · Score: 2

    > had an admin go rogue

    If you know who the perp is, there's all kinds of options available.

    -jcr

    --
    The only title of honor that a tyrant can grant is "Enemy of the State."
  4. What could possibly go wrong by Dunbal · · Score: 3, Insightful

    1. Back up your data

    2. Install the ransomware yourself on the computers.

    3. Cash in on insurance policy

    4. Reinstall data from backups.

    --
    Seven puppies were harmed during the making of this post.
    1. Re:What could possibly go wrong by wbr1 · · Score: 3, Insightful

      You can bet the insurance company will have digital forensics engineers on hand for any large payout. Local IT will be in support, not supervisory roles.

      --
      Silence is a state of mime.
    2. Re:What could possibly go wrong by KiloByte · · Score: 2

      But how will those "digital forensics engineers" tell an idiot user clicking on an attachment from this being done intentionally by someone with enough brains to log in as the former?

      I guess the insurance company will just randomly deny payments with a bullshit excuse, like they usually do.

      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
  5. Re:Do payments work? by fisted · · Score: 4, Insightful

    If word gets out that paying doesn't help, then people will stop paying.
    These are trustworthy criminals that have a reputation to lose.

  6. Re:Do payments work? by Anonymous Coward · · Score: 3, Insightful

    > What guarantees does anyone paying a ransom get that they will be able to unlock their data?

    None. But ransomware is generally not a one-off thing, the people who make and distribute it are career criminals. It's in their best interest to restore your data. If a particular brand of ransomware builds a reputation for being dishonest, then nobody's going to pay the unlock fee.

  7. Large businesses too by rsilvergun · · Score: 2

    Nobody likes paying for IT. Outside of nerds (the neckbeard kind, not the modern "nerd") people hate computers. They hate how they make them feel weak and dumb. They hate that they can't see them working because so much goes on behind the scenes. And above all they hate that they put power in the hands of the sorta twerps they used to see bully (or bully themselves) in grade school.

    --
    Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
  8. Insurance will make the problem worse by aklinux · · Score: 2

    You're guaranteeing the bad guys a paycheck.

  9. Abort by jon3k · · Score: 2

    Have a friend who works for a mid-sized insurance firm that provides Cyber Insurance, it's actually exclusively what he does now. So what they do is get you to agree that you'll take all these preventative measures to avoid it (i.e. making backups) and when you get ransomwared they find some particular provision you violated to not pay your claim. Like any insurance of course.

  10. insurance company requires backups by raymorris · · Score: 4, Interesting

    > the incentive for the insurance company is to pay the ransom

    What insurance companies actually do is set conditions that *reduce* risk for their customers, so they don't have to pay anyone. They also create organizations such as Underwriters Laboratories and the National Fire Protection Association (who write the fire code).

    In this case, the insurance company will require that in order to get coverage, you'll need to have *proper* backups, with a checklist of requirements for *proper* backup. Then they never have to pay out, and collect (small) premiums basically in exchange for forcing companies to test their backups quarterly.