Experts are still trying to find out who launched the WannaCry ransomware attack a couple of weeks ago. Researchers at cyber security firms Symantec and FireEye say evidence they’ve uncovered says the attack came from North Korea’s hacking group Lazarus.
Ben Read of FireEye said, “The shared code likely means that, at a minimum, WannaCry operators share software development resources with North Korean espionage operators.”
North Korea denies involvement.
The WannaCry virus and other recent ransomware attacks has impacted insurance. And that impact is both negative and positive.
Aon Benfield and Beazley did a study of ransomware attacks. It is titled Aon Benfield’s Cyber Update: 2016 Cyber Insurance Profits and Performance and the study found the number of ransomware attacks quadrupled from 2015 to 2016. In their report, Aon researchers Jon Laux and Craig Kerman said this has led cyber insurers to see a jump in the loss ratio to 57.7. That’s a 16% rise from 2015.
On the other side of the coin, the study found cyber insurance premiums grew roughly 30% to $1.34 billion between 2015 and 2016
“For insurers providing cyber insurance, these results illustrate the potential for both extremely good and extremely bad underwriting outcomes, and underscore the importance of managing limits,” they wrote.
Aon Risk Solutions Senior Vice President Jim Trainor also commented on the study. He said it includes data from 138 insurers in the U.S. “One of the challenges of cyber is that it is a very complex environment. Bad actors use and exploit infrastructure both in and out of the United States. A lot of groups who conduct such criminal activity don’t reside in the U.S. This makes it increasingly challenging for both government and companies to protect themselves because those attacking them don’t actually reside in the locations in which they operate,” he said.
Ken Crerar of the Council of Insurance Agents and Brokers said the CIAB has released its current cyber study. The Council of Insurance Agents & Brokers’ Cyber Insurance Market Watch Survey said clients are now more up to speed on the type — and how much — insurance they need. The conclusion is insurers selling cyber insurance can, and should, anticipate growth in policy purchases.
Other survey conclusions:
• 32% have purchased at least some form of cyber coverage
• In the last six-months 27% purchased that insurance for the first time
• 44% increased coverage in the last six-months
• 76% with cyber insurance have stand alone policies
“As brokers become more experienced with cyber exposures, they are growing their knowledge of this new breed of risk. This is a good sign, as brokers play an increasingly crucial role in both cyber risk mitigation and post-event response. The globally-launched WannaCry/WannaCrypt ransomware file encryption exploit is a prime example. Brokers are actively advising clients on the preventative steps to take now to increase the chance of escaping the virus, which has infected hundreds of thousands of systems,” Crerar said.
And on those preventative steps, James Gow — the senior vice president of the Property & Casualty Practice at Corporate Synergies — said a big part of the problem business has with ransomware attacks is uneducated employees and suggests employers set up an education program. It should contain:
• Instructions for employees to regularly change their passwords for software, email and other programs.
• A standard framework on how information is shared within the company.
• A policy for how sensitive information is asked for and given. Not everyone in the company needs to have sensitive information.
• An employee identification policy.
• A safe document management system and disposal services.
• Regular employee testing on security policies to make sure they understand social engineering and hacking scams so confidential and sensitive information is not handed out.
Two last items. The electronic signature service DocuSign has admitted that hackers gained temporary access to its database. It contained the email addresses of customers which is why there was a surge in phishing emails sent to DocuSign users. Those emails encouraged recipients to open a Microsoft Word doc that contained malicious software.
If you are a user, updates on the hack are available by clicking here.
And last. Target has settled its multistate hack from Christmas of 2013 for $18.5 million. In December of that year and January of 2014, over 40 million credit and debit card users had their information stolen.
Source links: PropertyCasualty360.com — link 1, link 2, Insurance Business America — link 1, link 2, Insurance Journal