More than one-quarter of cyber insurance claims received by AIG last year were the result of ransomware attacks, the largest percentage of any cyberattack type, according to the insurance giant’s 2017 cyber insurance claim statistics.
AIG said that this was a significant increase from the average of 16 percent of cyber claims coming from ransomware attacks in the years 2013-2016.
The WannaCry ransomware attacks, in particular, had a devastating impact on the healthcare industry, as well as on financial services, logistics, education, and manufacturing, according to AIG statistics.
“The WannaCry outbreak, which hit hundreds of thousands of machines around the world, could have been worse in terms of scale and insured losses if a UK researcher hadn’t quickly found and activated the kill switch,” said Mark Camillo, head of cyber for Europe, the Middle East, and Africa at AIG.
Ransomware has become increasingly commoditized, with the creators of recent variants offering revenue-sharing agreements to partners. There is no guarantee that victims will get their data back, even if they pay the ransom, AIG observed.
A recent survey by the CyberEdge Group of 1,200 IT security decision makers found that close to 20 percent of ransomware victims paid the ransom but still didn’t get their data back. A majority didn’t pay the ransom but recovered their data, presumably through data backups, while 19 percent paid the ransom and recovered their data, and 8 percent did not pay the ransom and lost their data.
Companies may not think their data is likely to be compromised, but AIG’s claims experience in 2017 demonstrated that ransomware attacks are largely indiscriminate and can impact healthcare providers of all sizes, as well as organizations from other industries.
AIG said it expects the automation and commoditization of ransomware to continue to be a trend, with businesses and individuals facing an increasing number of attackers.
In fact, a ransomware attack is the type of cyberattack that most worries healthcare IT professionals, according to a survey of HIMSS18 attendees by security firm Imperva.
Almost 10 percent of those surveyed had paid a ransom or extortion fee, while almost half didn’t know whether they had paid a ransom.
Overall, AIG had as many cyber insurance claim notifications last year as in the previous four years combined.
Professional services, financial services and retail topped the list of industries when it comes to cyber claims, but incidents are spreading more broadly among a range of sectors, indicating that no industry is immune, observed AIG.
Companies that do not have strong cybersecurity protections in place or back-ups of their data are most likely to suffer from network interruption following a ransomware attack, according to José Martinez, vice president of financial lines major loss claims for EMEA at AIG.
“Generally speaking, when companies have back-ups, in pretty much all the cases that I’ve seen they are not interested in paying the ransom,” Martinez said.
“However, there were a couple of instances last year where this was a real issue and some companies were really on their knees because they did not have good back-ups. So, they had to consider making a payment in order to recover their data. In these cases, the longer it goes on, the more they suffer financially,” he added.
According to a recent survey of 1,300 senior executives by Microsoft and Marsh, 20 percent of respondents said they did not have or plan to have cyber insurance, with 25 percent saying they did not know their organization’s cyber insurance status.
Business interruption (75 percent), reputational damage (59 percent), breach of customer information (55 percent), data or software damage (49 percent), and extortion/ransomware (41 percent) were the top cited cyber loss scenarios with the greatest impact to an organization.
AIG concluded that the systemic nature of ransomware attacks witnessed in 2017 is just the “tip of the iceberg” and that ransomware will become even more of a challenge in the future.