
Cybersecurity: Insurers shunning ransomware cover over increasing losses from attacks

*Experts say premium rates have almost doubled in the United States and jumped by 73 percent in Britain as a result of the frequency and severity of ransomware attacks on businesses, corporations and critical national infrastructure 

Gbenga Kayode | ConsumerConnect

Faced with increased demand in recent times, insurers have halved the amount of cybersecurity cover they provide to consumers after the coronavirus (COVID-19) pandemic and home-working drove a surge in ransomware attacks that left them smarting from hefty payouts.

Accordingly, major European and United States (US) insurers and syndicates operating in the Lloyd’s of London market have been able to charge higher premium rates to cover ransoms, the repair of hacked networks, business interruption losses, and even Public Relations (PR) fees to mend reputational damage in the process.

However, the upsurge in ransomware attacks and the growing sophistication of attackers have made insurers wary of late, a Reuters report said.


Insurers were quoted as saying that some attackers may even check whether potential victims have policies that would make them more likely to pay out.

Caspar Stops, Head of Cyber at insurance firm Optio, said: “Insurers are changing their appetites, limits, coverage, and pricing.

“Limits have halved – where people were offering 10 million pounds ($13.50 million), nearly everyone has reduced to five.”


Similarly, Lloyd’s of London, which has around a fifth of the global cyber market, has discouraged its 100-odd syndicate members from taking on cyber business next year, industry sources said on condition of anonymity. Lloyd’s declined to comment on the matter, the report stated.


US insurer AIG also said in August this year that it was cutting cyber limits.

Ransomware works by encrypting victims’ data; hackers typically offer victims a passcode to retrieve it in return for cryptocurrency payments.

Total $590m ransomware payments made in first 6 months of 2021

According to experts, it has become the attack of choice for cybercriminals, who previously favoured stealing data and selling it to third parties.

Suspected ransomware payments totalling $590 million were made in the first six months of 2021, compared with the $416 million reported for the whole of 2020, US authorities said in October.

In one of the biggest heists, a ransomware attack on Colonial Pipeline in the US in May this year shut the largest fuel pipeline network in the country for several days.

It was gathered that US cyber insurers’ profits shrank in 2020, according to insurance broker Aon.

Combined ratio – a measure of profitability in which a level of more than 100 percent indicates a loss – climbed by more than 20 percentage points from 2019 to 95.4 percent.

Implications on insuring corporate businesses, organisations

As insurers struggle to cope with increasing ransomware attack payouts, companies are under-insured, the report said.

David Dickson, Head of Enterprise at Broker Superscript, said: “It’s very unlikely people are getting the same limits – if they are, they are paying an extraordinary amount.”


He disclosed that a technology client had previously bought £130 million of professional indemnity and cyber cover for £250,000.

However, Dickson noted that the client could now only get £55 million of cover and the price was £500,000.

Besides, insurers who issued $5 million cyber liability policies in 2020 have scaled back to limits of between $1 million and $3 million in 2021, a report last month by US broker Risk Placement Services (RPS) stated.

Activating NCC’s Centre for Computer Security Incident Response against threats in Nigeria’s cyberspace

In line with Nigeria’s National Cybersecurity Policy and Strategy (NCPS), published by the country’s Office of the National Security Adviser (ONSA) for responding to cyberthreats within the ICT and telecoms ecosystem in the country, the Nigerian Communications Commission (NCC) recently commissioned an incident response facility in Abuja, FCT.

ConsumerConnect had reported that, as was the case in Kenya, South Africa, and other countries on the African continent, where about 81 million cyberattacks were reportedly recorded in the first six months of 2021, the Nigerian telecoms regulatory Commission has risen to the occasion to protect Nigerian consumers and national assets.


The NCC explained that the facility is aimed at addressing the incidence of cybercrimes, protecting national assets, including telecoms infrastructure, and encouraging increased participation in the country’s digital economy.

The regulator said the NCC Centre for Computer Security Incident Response was the Commission’s industry-specific intervention in Nigeria.

Prof. Danbatta, Executive Vice-Chairman and Chief Executive Officer (EVC/CEO) of NCC, likewise acknowledged in his address on the occasion that, considering the increasing growth in Internet usage, especially as a consequence of the outbreak of the COVID-19 pandemic, the Commission has observed a rise in cyber incidents and criminal activities in the West African country.

The Commission noted the objectives of the intervention are aligned with the National Cybersecurity Policy and Strategy (NCPS), which was published by the Office of the National Security Adviser (ONSA).

“The NCPS requires each sector to establish a computer incident response team that provides requisite services to the stakeholders and players within each sector.


“The overall mandate of the NCC-CSIRT is to ensure continuous improvement of processes and communication frameworks to guarantee secure and collaborative exchange of timely information while responding to cyber threats within the sector,” NCC stated.

Prof. Danbatta further said: “The Commission recognises that with the borderless nature and pervasiveness of these incidents, relentless and concerted attention is required to protect Internet users as well as the Critical National Information Infrastructure and ensure they are resilient.”


The NCC EVC/CEO also emphasised that the NCC-CSIRT has been structured to operate within the framework of the NCPS and the National Digital Economy Policy and Strategy (NDEPS) to assist the Nigerian communications sector with the management and coordination of cybersecurity incidents and threats in Nigeria.

What makes cybercriminals tick of late?

With ransomware now described as ‘profitable as cocaine’, a European Union (EU) report released in October this year said the disruptive COVID-19 pandemic and rise of home working had enabled cybercriminals to flourish.

Meanwhile, cybersecurity firm Coveware has likened the 90%-plus profit margin from ransomware attacks in 2021 to the gains Colombian cocaine cartels made in 1992.

According to the company, where hackers previously took a scattergun approach with methods such as sending out thousands of phishing e-mails, they have become more targeted, reading balance sheets and focusing on specific sectors of the economy.

Tom Quy, cyber practice leader at reinsurance broker Acrisure Re, said attacks were moving away from healthcare facilities and municipalities, which have weak Information Technology (IT) controls but also little money, to manufacturing or logistics companies.

Such firms have deep pockets and cannot afford extended outages to fix their systems, so would rather pay ransoms, especially if they have insurance to cover them, said Quy.

Scott Sayce, Global Head of Cyber at Allianz Global Corporate & Specialty, also said: “We advocate to everyone you don’t disclose your insurance because that’s crucial to your business.”

Premium rates have almost doubled in the United States and jumped by 73% in Britain as a result of the frequency and severity of ransomware attacks, insurance broker Marsh said.

RPS said rates for some policies had risen by as much as 300 percent.

Where ransom payments were typically $600 a few years ago, they now are as high as $50 million, said Michael Shen, Head of Cyber and Technology at insurer Canopius, and insurers are sometimes asking policyholders to pay half of the ransom.

Moreover, the US and France are among countries particularly concerned about ransom payments, noted industry sources.

The report also indicates that the Federal Bureau of Investigation (FBI) has said it does not support paying ransoms, while a few US states are considering banning ransomware payments by municipalities as well.

Nevertheless, insurers, while less willing to provide large amounts of cover, say failing to pay ransoms also could backfire.

“Of course no-one wants to pay criminals,” Adrian Cox, Chief Executive Officer (CEO) of insurer Beazley, told Reuters.

“At the same time, if you ban it … you could cripple a lot of businesses whose systems have been disabled.”
