In crosshairs of ransomware crooks, cyber insurers struggle

By FRANK BAJAK

July 5, 2021

BOSTON (AP) — In the past few weeks, ransomware criminals claimed as trophies at least three North American insurance brokerages that offer policies to help others survive the very network-paralyzing, data-pilfering extortion attacks they themselves apparently suffered.

Cybercriminals who hack into corporate and government networks to steal sensitive data for extortion routinely try to learn how much cyber insurance coverage the victims have. Knowing what victims can afford to pay can give them an edge in ransom negotiations. The cyber insurance industry, too, is a prime target for crooks seeking its customers’ identities and scope of coverage.

FILE - In this Feb. 21, 2019, file photo, people stand in front of the logo of AXA Group prior to the company's 2018 annual results presentation, in Paris. The cyber insurance industry, once a profitable niche, is now in the crosshairs of ransomware criminals. Pressure is building on the industry to stop reimbursing for ransoms, but so far only one major cyber insurer, AXA, is doing so — and only with new policies in France. To try to absorb the growing onslaught and stay profitable, insurers are retooling coverage, demanding clients up their security.  (AP Photo/Thibault Camus, File)

Before ransomware evolved into a full-scale global epidemic plaguing businesses, hospitals, schools and local governments, cyber insurance was a profitable niche industry. It was accused of fueling the criminal feeding frenzy by routinely recommending that victims pay up, but kept many from going bankrupt.

Now, the sector isn’t just in the criminals’ crosshairs. It’s teetering on the edge of profitability, upended by a more than 400% rise last year in ransomware cases and skyrocketing extortion demands. As a percentage of premiums collected, cyber insurance payouts now top 70%, the break-even point.

FULL STORY