NAS Says Ransomware Demands Growing Along with Cyber Claim Costs
Cybercrime claims by policyholders outside the health care sector nearly doubled in 2018, led by financial fraud, often phishing schemes that lead to payments or wire transfers to criminals posing as clients or business partners, NAS Insurance said in a new report.
The Los Angeles-based speciality underwriter said in its 2019 Cyber Claims Digest that hacking, ransomware and phishing attacks were the leading causes of cyber losses among non-healthcare policyholders last year. For policyholders in the healthcare industry, hacking and ransomware were also the leading causes, but rogue employees instead of phishing ranked the third-most common cause.
NAS said ransomware criminals became more greedy than ever in 2018. The carrier said it resolved more than 90 ransomware incidents in the past two years. Payment demands averaged over $30,000 (in a variety of currencies) and the cost of negotiating and paying cryptocurrency demands often tripled of quadrupled the cost of resolving the issue, with those expenses sometimes surpassing $70,000.
In early 2019, NAS said it has seen a huge shift. In three separate events, ransom demands ranged from $100,000 to $1.2 million. The carrier said a broader study by the NetDiligence Insurance Industry Cybercrime Task Force also reported that carriers are receiving much higher ransom demands.
The NAS report highlights a claim involving the “Ryuk” ransomware virus. An employee opened an email that transferred the virus in the policyholder’s servers in the U.S. and Canada. It is believed 660 servers were affected. NAS said the cyber criminals demanded 130 bitcoins, worth approximately $540,000, in ransom, but its forensics team negotiated a lower ransom of $425,000.
NAS reported separately on health care policyholders because the data for that portion of its book was significantly different. The carrier said cyber claims against healthcare sector policyholders increased only 2% and the costs of those claims were lower in each category.
However, NAS pointed out that it incurred extraordinary costs among healthcare policyholders in 2017 due to several breaches that affected hundreds of thousands of patients, increasing costs for notifying victims, setting up call centers and credit monitoring.
“In 2018, while the number of breaches increased, the universe of affected individuals decreased 34 percent,” the report says.
For non-healthcare customers, the 38 percent increase in the number of cyber claims came along with an increase in the cost of responding to them. Forensics costs were up 105%, call center costs were up 98%, notification costs increased by 107% and breach coach coasts were up by 72%, NAS said. Credit monitoring costs decreased by 1%.
“While in years past we’ve seen a growing frequency of ransomware claims, the costs to recover and the demands for payment were not nearly as concerning as what we’ve seen so far this year,” the report says. “In particular, we see growing frequency of the ‘Ryuk’ virus infecting our insureds environments, and the ransom demands are often 10X of what we’ve seen in years past.”
- US High Court Declines Appeal, Upholds Coverage Ruling on Treated Wood
- Fake Bear Attacks on Car for Fraudulent Insurance Claims Lead to Arrests
- T-Mobile’s Network Breached as Part of Chinese Hacking Operation
- Allstate Thinking Outside the Cubicle With Flexible Workspaces