A closer look at the rise of ransomware, we ask what is it, how do we tackle it and what does this global attack mean for our industry

Ransomware 450

This weekend the international headlines were awash with talk of the large-scale global cyber attack.

At last count, more than 150 countries have been affected, with the UK’s National Health Service being the primary target. Major firms FedEx, O2 owner Telefonica, Nissan and Renault were all impacted by the cyber attack. The rise of ransomware is undeniable. But what is it, and now can we tackle it?

Ransomware is being increasingly used by hackers, and has seen a rise in the past 2 years. According to Hiscox group head of cyber Matt Webb, the attack on Friday exploited a Microsoft vulnerability: “We have seen a rise in ransomware attacks over the last 24 months. Generally these incidents are resolved fairly quickly; for example if the insured has good IT hygiene they can simply restore from back-ups. They are normally small, but Friday’s incident exploits a Microsoft vulnerability which has allowed the malware to spread more easily.”

UK newspaper The Guardian reported that the attack was stopped in its tracks when a UK cybersecurity researcher inadvertently activated a ‘kill switch’ by entering garbled information into the malware – though he warned it could easily be reactivated.

While ransomware has been increasing in the past couple of years, this is a problem the US has been facing for the past decade.

 

“…firms get hacked just enough for someone to end up on their system, move around under the radar, and paying attention to the behavioural issues around internal sources so they can deploy these ransomware attacks in a targeted way.” Emy Donavan

Speaking to Global Reinsurance in an interview on the topic, Allianz AGCS specialist Emy Donavan said: “The first ransomware attack that I was aware of happened in 2007/2008 and it was against a Virginia hospital. Somebody actively hacked into them, encrypted all of their backup, deleted all of their primary files and demand a million dollars for the key. It was a targeted breach, and we’re still seeing echoes of that now.”

She added: “In a lot of instances, firms get hacked just enough for someone to end up on their system, move around under the radar, and paying attention to the behavioural issues around internal sources so they can deploy these ransomware attacks in a targeted way. Human error still accounts for about two thirds of breaches, and that includes clicking on a phishing attack that ends up deploying a ransomware attack onto your system.”

Cyber attack 450

According to Webb at Hiscox, the US are now tackling the ransomware trend and are becoming better equipped to deal with it.

Webb said: “Costs to businesses are not limited to any initial ransom payments. The investigation and restoration of files can be prohibitive, and there may also be business interruption costs Our research indicates US businesses have better processes and procedures in place.”

Russell-Cooke partner Guy Wilmot believes this attack will throw light on the potential legal liabilities associated with cyber-security breaches.

He said: “As well as the disruption, a cyber-security breach can give rise to significant reputational damage and in many cases legal liabilities under data protection legislation.”

He added: “From next year the potential liabilities for cyber-security breaches where personal data is compromised will be increasing sharply with the introduction of the General Data Protection Regulation with fines of up to €20m or 4% of global annual turnover.”