In the world of cyber risk, 2017 will be remembered as the year that global ransomware attacks burst onto the scene, causing companies significant economic damage and disruption. The two biggest attacks – WannaCry in May and Petya in June – infected hundreds of thousands of PCs worldwide and caused estimated losses of billions of dollars. High profile victims included Maersk, FedEx, Renault and Merck. In a worrying escalation of the impact of cyber warfare, one company cut its full year sales forecast following disruption to its manufacturing and distribution operations, and another has warned of a three percentage point drop in sales growth because of disruptions to shipping and invoices.
Analysis of the cyber claims we received between 2013-2016 showed that cyber extortion and ransomware is one of the fastest growing sources of cyber loss for companies of all sizes, with 16% of claims coming from encryption ransomware extortion and another 4% relating to other cyber extortions. We expect this number to rise considerably over the next couple of years as more European businesses buy cyber policies and the number of ransomware attacks increases.
This crime that is only predicted to keep on growing. It’s a lucrative trade for hackers, enabled by cryptocurrencies such as bitcoin which allow them to remain anonymous. A recent IBM report found that ransomware emails spiked by 6,000% in 2016, with businesses being increasingly targeted rather than individuals. These attacks are often underreported though because of fears of damage to their corporate reputation.
Whilst neither of these events has led to significant insured losses, the potential business interruption costs dwarf those of the ransoms demanded, and have focused risk managers’ attention on their business continuity plans. Production, operations and supply chains have all been shown to be at risk.
Here we look at some of the steps companies can take to reduce their exposure to cyber extortion events, or lessen their impact if they do occur. Most of them will be seen to be the IT department’s responsibility, but many argue the seriousness of the threat demands an enterprise-wide response.
There will be cyber insurance experts on our stand at the FERMA Risk Management Forum in Monte Carlo who will be happy to discuss the CyberEdge cover modules, and how it responds to cyber extortion events.