Covid-19 - Read our guidance and support for clients.

The Growing Ransomware Risk

14 April 2021

The cybersecurity community paid close attention to ransomware actors’ escalation of business tactics in the last year. The evolving tools and technical strategies have seen continued disruption to IT services across the world.

Whilst businesses try to be as proactive as they possibly can be in preventing an attack, cybercriminals are heavily invested in finding ways to attack your data.
 

Cyber Incidents

 

Ransomware attacks are one of the most prevalent forms of cyber incidents felt by businesses. This involves a malicious piece of code being installed onto the victim’s network. In most cases, this arises when an employee using the network clicks on a link in a phishing email or social media message. Such emails and messages are often targeted to their recipient and so appear to be authentic.

The malicious code will block access to the network, with the criminal charging a ransom to regain access. Refusal to pay could lead to the threat of data being released or sold on the dark web.
 

Escalations

 

Many organisations do not fully understand the cost involved in such an incident. They can escalate to:

  • The initial cost of hiring a cyber specialist and breach coaches to ascertain what has happened, negotiate with the cyber-criminal and, where necessary, pay the ransom in cryptocurrency
  • The interruption to business activities. Most companies would struggle to function without access to emails, let alone essential software
  • The cost of identifying and reporting the breach to any affected data subjects and the ICO
  • Public Relation and media handling costs

All the above are included in a good cyber insurance policy, and without an insurer on hand to handle the incident from start to finish, most businesses would not know who to turn to. Whilst fines under GDPR are deemed uninsurable, the ICO base fines on how firms manage cyber risk and respond to a breach, rather than the breach itself.


There is no shame in falling victim to a cyber-attack, but if you are not prepared for one, you will likely be punished by both the criminal and the authorities. You can learn more about specialist technology insurance here.

 

Phil Brown, Commercial Account Handler, Bruce Stevenson

Commercial Account Handler

Contact Us