aster.cloud aster.cloud
  • /
  • Platforms
    • Public Cloud
    • On-Premise
    • Hybrid Cloud
    • Data
  • Architecture
    • Design
    • Solutions
    • Enterprise
  • Engineering
    • Automation
    • Software Engineering
    • Project Management
    • DevOps
  • Programming
    • Learning
  • Tools
  • About
  • /
  • Platforms
    • Public Cloud
    • On-Premise
    • Hybrid Cloud
    • Data
  • Architecture
    • Design
    • Solutions
    • Enterprise
  • Engineering
    • Automation
    • Software Engineering
    • Project Management
    • DevOps
  • Programming
    • Learning
  • Tools
  • About
aster.cloud aster.cloud
  • /
  • Platforms
    • Public Cloud
    • On-Premise
    • Hybrid Cloud
    • Data
  • Architecture
    • Design
    • Solutions
    • Enterprise
  • Engineering
    • Automation
    • Software Engineering
    • Project Management
    • DevOps
  • Programming
    • Learning
  • Tools
  • About
  • Computing
  • Data
  • Programming

Cybercrime Insurance Is Making The Ransomware Problem Worse

  • Ackley Wyndam
  • November 21, 2022
  • 4 minute read

During the COVID-19 pandemic, there was another outbreak in cyberspace: a digital epidemic driven by ransomware.

Several organisations worldwide fell victim to cyber-extortionists who stole data either to sell to other criminals or held it as a ransom for a profit. The sheer number of attacks indicates that cyber security and anti-ransomware defences did not work or have limited effectiveness.


Partner with aster.cloud
for your next big idea.
Let us know here.



From our partners:

CITI.IO :: Business. Institutions. Society. Global Political Economy.
CYBERPOGO.COM :: For the Arts, Sciences, and Technology.
DADAHACKS.COM :: Parenting For The Rest Of Us.
ZEDISTA.COM :: Entertainment. Sports. Culture. Escape.
TAKUMAKU.COM :: For The Hearth And Home.
ASTER.CLOUD :: From The Cloud And Beyond.
LIWAIWAI.COM :: Intelligence, Inside and Outside.
GLOBALCLOUDPLATFORMS.COM :: For The World's Computing Needs.
FIREGULAMAN.COM :: For The Fire In The Belly Of The Coder.
ASTERCASTER.COM :: Supra Astra. Beyond The Stars.
BARTDAY.COM :: Prosperity For Everyone.

Businesses are turning to cyberinsurance companies in desperation to protect themselves from attack. But the growth of the cyberinsurance market is only encouraging criminals to target companies that have extortion insurance.

A 2021 study from the University of Leeds found there was a massive acceleration in major cyber-attacks on organisations during the pandemic. The paper also showed a “shift in offender tactics which scale up levels of fear in victims … such tactics include a shift towards naming and shaming victims, the theft of commercially sensitive data and attacks targeting organisations which provide services to other organisations.”

A report by global cybersecurity firm Sophos found that 66% of organisations surveyed, from across 31 countries, were hit with ransomware in 2021, up from 37% in 2020. The average ransom paid increased nearly fivefold to US$812,360 (£706,854). Insurance companies often opt to pay the ransoms that cybercriminals demand – 82% of UK companies pay up.

Where are the attacks coming from

According to US think tank the Council on Foreign Relations 22 countries are suspected of sponsoring cyberattacks, including the United States.

And a new black market in which cybercriminals provide products and services to other cybercriminals is flourishing and driving the surge in ransomware attacks. So-called ransomware allows everyone from teenagers to skilled amateurs to professional criminals to rent malware, encryption tools, and even Bitcoin wallets.

Read More  Unlock Real-Time Insights From Your Oracle Data In BigQuery

It is like a criminal renting a gun from another criminal who manufactured it.

In July 2020, three teenagers hacked Twitter. The attack resulted in the hijacking of 130 accounts – some of which included high-profile targets including Joe Biden, Barack Obama, Apple, Elon Musk and Bill Gates. The bitcoin accounts associated with their ransomware scam received more than 400 transfers totalling over US$100,000 (£87,000).

Woman stares at computer screen in shock
Ransomware can devastate a business. Andrey Popov/Shutterstock

What’s the problem with insurance?

The past few years have seen a surge in specialist cybercrime insurance policies. The global cybercrime insurance market is predicted to grow from US$7 billion in gross written premiums (GWP) in 2020 to US$20.6 billion by 2025.

Insurers need to do more to discourage incompetent security practices. Car drivers must pass theory and practical driving tests. But cyberinsurance policies rarely audit the IT security of an organisation before the policy is finalised.

A standardised ISO norm (quality management standards internationally agreed by experts) for software did not exist until 2015. It means customers have no way of judging the security standards of anything produced before 2015. Even now, some of the risk assessments a software would go through in its lifetime could be less rigorous than for the kettle in our home. And ISO testing is voluntary.

The market lacks understanding of large-scale, sophisticated, cyber-attacks. The insurance sector works by determining the probability of an incident happening and the impact it would have. The cyberinsurance market struggles to forecast the likelihood of cyber-attacks because changes in digital technology can be so unpredictable. Attackers’ capabilities and intentions shift rapidly.

Read More  11 Surprising Ways You Use Linux Every Day

Most insurers currently have no long-term data for cyberincidents or ransomware. This has led to underfunded cyberinsurance programs, which rely heavily on optimistic financial models.

As a result it is getting more difficult to secure cyberinsurance as the growing number of claims is forcing valuers to be more discerning in the clients they accept. Lloyds of London released new rules in December 2021 stating that underwriters will no longer cover damage caused by “war or a cyberoperation that is carried out in the course of the war”.

Insurance premiums increased by 22% in 2020 and a further 32% in 2021 across 38 countries. The cost incurred by the business gets passed on to customers. The ransomware demand will contribute to the overall rise in living costs as ransomware costs are being passed on to the customers.

As part of my work with the Northern Cloud Crime Centre, I looked at the
effectiveness of laws in the UK to regulate criminal activity in the Cloud. I found the cybercrime legislation in the UK has failed to keep pace with technological and market developments over the past 30 years. The Computer Misuse Act 1990 needs updating to make it more effective at policing cybercrime. If we cannot fix the situation, it will threaten jobs and investment in the UK.

What is the solution

Ransomware attacks are so effective because they exploit human weaknesses and organisations’ lack of technological defences.

Law enforcement authorities advise ransomware victims not to pay the ransom because it encourages further attacks and fuels a vicious cycle.

Read More  10 Must-Attend Sessions For Data Professionals At Google Cloud Next ‘23

But prevention is the best solution. Organisations need to put more effort into developing security measures such as a multifactor authentication system. Managers also need to carry out penetration testing, where a cybersecurity expert searches for vulnerabilities in a computer system.

Businesses are legally obliged to have a fire plan in place. The time has come for
mandatory ransomware and phishing resilience testing. The insurance industry needs to set minimum security requirements as part of the risk assessment. Organisations need greater transparency regarding what security they do and do not have in place.

Consensus is growing among researchers that solid cybersecurity can’t be achieved with technology alone because a human errors are to blame for a huge amount of incidents. The UK government is proposing new laws to regulate cybersecurity standards. But these laws won’t work if it doesn’t invest in public education about phishing threats.

Cybercrime insurance can help minimise business disruption, provide financial protection, and even help with legal and regulatory actions after a cyberincident. But it will not solve the problems that created the vulnerability to an attack in the first place.The Conversation

Subhajit Basu, Associate Professor in Cyberlaw; Editor-in-Chief International Review of Law Computers and Technology, University of Leeds

This article is republished from The Conversation under a Creative Commons license.


For enquiries, product placements, sponsorships, and collaborations, connect with us at [email protected]. We'd love to hear from you!

Our humans need coffee too! Your support is highly appreciated, thank you!

Ackley Wyndam

Related Topics
  • Consensus
  • Cyberattacks
  • Cybercrime
  • cybercrime insurance
  • Data
  • Joe Biden
  • Ransomware
  • Software
You May Also Like
View Post
  • Computing
  • Platforms

Start Your Ubuntu Confidential VM With Intel® TDX On Google Cloud

  • September 20, 2023
Intel Innovation
View Post
  • Computing

Intel Innovation 2023

  • September 15, 2023
Private
View Post
  • Computing
  • Public Cloud

A Comeback For Private Clouds

  • September 14, 2023
View Post
  • Data
  • Multi-Cloud
  • Platforms

Microsoft And Oracle Expand Partnership To Deliver Oracle Database Services On Oracle Cloud Infrastructure In Microsoft Azure

  • September 14, 2023
View Post
  • Computing
  • Technology

Bristol Set To Host UK’s Most Powerful Supercomputer To Turbocharge AI Innovation

  • September 13, 2023
View Post
  • Data
  • Learning

Resources to Take Your Charts From Bland to Beautiful

  • September 6, 2023
View Post
  • Architecture
  • Computing

What Happens When Finops Finds Bad Cloud Architecture?

  • September 6, 2023
Cloud
View Post
  • Cloud-Native
  • Computing
  • Platforms

InfluxData Announces InfluxDB Clustered to Deliver Time Series Analytics for On-Premises and Private Cloud Deployments

  • September 6, 2023

Stay Connected!
LATEST
  • 1
    Combining AI With A Trusted Data Approach On IBM Power To Fuel Business Outcomes
    • September 21, 2023
  • 2
    Start Your Ubuntu Confidential VM With Intel® TDX On Google Cloud
    • September 20, 2023
  • Microsoft and Adobe 3
    Microsoft And Adobe Partner To Deliver Cost Savings And Business Benefits
    • September 20, 2023
  • 4
    Huawei Connect 2023: Accelerating Intelligence For Shared Success
    • September 20, 2023
  • 5
    Huawei Releases Data Center 2030, Leading Innovation and Development of New Data Centers
    • September 20, 2023
  • Penguin 6
    How To Find And Fix Broken Packages On Linux
    • September 19, 2023
  • Volkswagen 7
    Volkswagen Races Toward Next-Gen Automotive Manufacturing Leadership With Google Cloud And T-Systems
    • September 19, 2023
  • 8
    VMware Scales Multi-Cloud Security With Workforce Identity Federation
    • September 18, 2023
  • Intel Innovation 9
    Intel Innovation 2023
    • September 15, 2023
  • Private 10
    A Comeback For Private Clouds
    • September 14, 2023
about
Hello World!

We are aster.cloud. We’re created by programmers for programmers.

Our site aims to provide guides, programming tips, reviews, and interesting materials for tech people and those who want to learn in general.

We would like to hear from you.

If you have any feedback, enquiries, or sponsorship request, kindly reach out to us at:

[email protected]
Most Popular
  • 1
    Microsoft And Oracle Expand Partnership To Deliver Oracle Database Services On Oracle Cloud Infrastructure In Microsoft Azure
    • September 14, 2023
  • 2
    Real-Time Ubuntu Is Now Available In AWS Marketplace
    • September 12, 2023
  • 3
    IBM Brings Watsonx To ESPN Fantasy Football With New Waiver Grades And Trade Grades
    • September 13, 2023
  • 4
    NASA Shares Unidentified Anomalous Phenomena Independent Study Report
    • September 14, 2023
  • 5
    Introducing OpenAI Dublin
    • September 14, 2023
  • /
  • Technology
  • Tools
  • About
  • Contact Us

Input your search keywords and press Enter.