Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid and can target both individuals and businesses. The U.S. House Committee on Oversight and Reform shared that “in 2020, ransomware attacks on both public and private institutions in the U.S cost an estimated $19.5 billion. … in the first six months of 2021, financial institutions reported $590 million in ransomware-related transactions. Current trends indicate that ransomware transactions in 2021 alone will exceed the previous 10 years combined.”
Here are some of the notable incidents in 2021:
- CNA Financial Corp., one of the country’s largest insurance companies, reportedly paid a ransom of $40 million in Bitcoin after a ransomware attack.
- Colonial Pipeline, providing nearly half of the east coast’s fuel, paid $4.4 million in Bitcoin to a ransomware gang believed to operate out of Russia.
- JBS Foods, which owns plants that process one-fifth of the US meat supply, paid a ransom of $11 million in Bitcoin after it suffered a ransomware attack attributed to another Russian group.
While ransomware is nothing new, the ransoms have increased significantly, up 43% from the last quarter of 2020, according to cyber security firm Coveware. And now it’s starting to impact average citizens. In a Dec. 3 Digital Insurance Q&A with Thomas Kang, North American head of cyber technology and media for Allianz Global Corporate & Specialty, he stressed “the work from home environment has made an impact … more than 25% of claims are related to remote access being compromised.”
|“Ransomware attacks in 2021 alone will exceed the previous 10 years combined.”|
Beyond this, ransomware attacks are now targeting individual home computers with The Washington Post reporting an increase of 341% in the last two years. On a recent edition of AAIS Pulse, Berkley Re Solutions’ Jeff Cron said that ransomware attacks are rising particularly among individuals over 40 (years of age), a market more susceptible to online scams. The increase in attacks has commercial underwriters seeking more information than ever as the cost of claims has led to coverage restrictions such as a reduction in the amount of reimbursement for ransomware attacks.
An ounce of prevention…
There are several steps all computer users should take to protect themselves from loss.
- Create a computer back-up following these three principles:
- Assume ransomware will encrypt or delete anything you can access from your PC.
- Disconnect your backup from the network.
- Rely on versioning.
- Minimize your exposure to ransomware.
- Use a strong antivirus product with ransomware protection.
- Don’t click on anything you don’t trust.
- Keep your computer equipped with the latest system updates.
- Insurance can offer strong protection against loss. Several companies provide Personal Cyber Insurance coverage for ransomware and related cyber-crimes. Contact AAIS for more information regarding the options being offered to protect consumers.
If you get hit…
If you have the misfortune of being infected with ransomware, all hope is not lost. There are several free tools you can use to decrypt your files without paying a ransom:
- No More Ransom: This is a joint project between McAfee and a handful of European law enforcement organizations that now boasts about 100 corporate and government partners.
- ID Ransomware: Created by security company Emsisoft, this project is similar to No More Ransom, and can notify you if a non-decryptable attack becomes decryptable in the future.