The number of ransomware attacks reported to the Information Commissioner’s Office increased by 100% last year, posing increasing problems for companies wanting to secure cyber coverage under traditional property and liability policies.
According to international law firm RPC, ransomware attack numbers rose from 326 in 2020 to 654 in 2021, suggesting the increasing profitability of the crime. Ransomware can severely hinder a business’s operations, and even bring them to a standstill. Several corporates have been forced to pay a ransom to have their data decrypted, the firm added.
RPC says that sectors which are privy to sensitive financial data are often at the highest risk of being targeted by gangs. The sectors most frequently under attack in 2021 include finance, insurance and credit with 103 incidents, followed by education and childcare with 80.
Some larger gangs have also profited from licensing their ransomware to other criminals, enabling even those with limited technological knowhow to perpetrate attacks. These criminals will scour the internet for vulnerabilities, then sell the access to other gangs that may execute the attack and exfiltrate data
“Ransomware attacks have been on the rise and it’s a problem that isn’t going away any time soon,” said Richard Breavington, RPC partner and head of its cyber and tech insurance team.“It is becoming increasingly rare for cyber to be covered by other types of insurance policies. As a result, businesses that are not taking dedicated cyber policies run the risk of becoming underinsured.
He suggested that businesses seeking to avoid being caught in an “insurance gap” should invest in the latest IT security software. “Not only will this reduce the chances of succumbing to an attack, but it will also signal to insurers that they take matters of cybersecurity seriously and hopefully make it easier for them to get coverage,” Breavington added.
“Corporates should also ensure their systems are backed up regularly in segregated back-ups, which could help minimise business interruption in the event of an attack.”
Image Credit | iStock