A new SCOR publication looks at the rising threat of ransomware and how risk management, cyber security and cyber insurance can help.
Over the past 3 years, ransomware has jumped into the spotlight in the cyber threat landscape. Annual ransomware demands have multiplied by ten. Ransomware is a type of malicious software that allows a hacker to restrict access, through encryption, to an individual’s or a company’s vital information until some form of payment is made. There is no guarantee that the data will actually be decrypted following this payment.
The purpose of Ransomware
The main goal of this malicious software is the extortion of money from its victims. It blocks victims’ access to their data / devices through encryption, demanding a ransom from them to unblock that access. Ransomware can, for example, be spread through malicious links or attachments in emails. When the recipient opens the link or attachment, the malware encrypts data and monetizes access to the decryption key.
Attackers have developed two main ways to monetize the files on a victim’s computer – the first is to demand a ransom to decrypt them, and the second is to demand a ransom to avoid publicly releasing them.
The global COVID-19 pandemic has highlighted the need for organizations to dynamically review their cyber exposure. During the COVID-19 crisis, threat actors have taken advantage of work disorganization to intensify their malicious activities. The healthcare sector, for example, has faced increased threat activity while under the immense pressure of managing the pandemic. Conversely some organizations have slowed down, if not temporarily stopped their activities, resulting in reduced opportunities for threat actors.
By working closely with their IT and cybersecurity teams, risk managers can identify worst-case cyber scenarios, implement efficient risk mitigation measures and actively manage any residual risk through cyber insurance.
Cyber Underwriting Analyst,
Global Head of Cyber,