We're here to help
0345 222 5391
Mon-Fri, 9am-5pm, local rate & mobile friendly

Ransomware insurance: a simple guide

23/07/2023

PC padlocked with ransomware warning

All businesses have something hackers want: data. Especially the confidential and personally-identifiable kind. Ransomware attacks are just one of the ways they can get their dirty mitts on it.

Dealing with one can leave you feeling stuck between a rock and a hard place, and likely panicked about what to do.

Which is exactly where cybercriminals want you. It’s when you’re most likely to cave into their demands.

Stick with us, though. Because here’s where ransomware insurance can really help you.

Oh, and definitely don’t try to pay any ransoms yourself. There’s no guarantee your hard drive won’t be wiped and your data stolen anyway.

What's ransomware?

Ransomware comes in various guises: crypto, locker, wiper, etc. All allow cybercriminals to hack into your systems and wreak havoc with your data.

Where ransomware differs from other malware is it doesn’t just steal your data from under your nose. It locks it down by encrypting your files and blocking your network.

A ransom note pops up on your screen demanding payment - usually in Bitcoin - or risk seeing your data leaked or stolen - or both.

Now your personal info’s in the hands of unscrupulous cybercriminals to do with as they like. Leaving you vulnerable to further breaches, attacks, fraud and identity theft attempts, and who knows what else.

In short, a whole heap of extra headaches.

Tick tock, tick tock

With your systems in shut down and business ground to a halt, you’re fast losing money.

And now there are other scenarios to worry about, too. Like ICO fines, or your customers and clients suing you for personal data loss.

Time’s ticking, with no option but to pay the ransom. Or so cybercriminals want you to think. Realistically, meeting their demands won’t help if your data’s stolen anyway. Nor will it guarantee you won’t get attacked again.

Not to mention that paying online ransoms helps fuel a fast-growing and increasingly global crime economy.

The true cost of ransomware

Dark networks, the rise of cryptocurrency, and other ground-breaking technologies have made ransomware what it is today: a fast-evolving software product that’s traded freely and anonymously on the dark web.

It’s worth megabucks to the shadowy individuals and crime gangs who prop it up. And no wonder. Found in the right – or rather, the wrong – hands, ransomware attacks can disrupt supply chains and shut down the data and systems of businesses, hospitals, schools, and even local governments.

The scale of the problem is so huge the US government made paying cyber-attack ransoms illegal in 2020.

And while the UK hasn’t joined them yet, the official advice from the National Cyber Security Centre (NCSC) is to avoid paying them at all costs.

However, the sad reality is many UK organisations would rather cough up the cash than risk going insolvent. Making them rich pickings for cybercriminals hellbent on extorting their victims.

The rise of RaaS

2016 saw a huge surge in ransomware attacks (688 new threats per minute, according to McAfee Labs) following the emergence of Ransomware as a Service (RaaS).

Thanks to RaaS, cybercriminals could ditch automated campaigns in favour of targeted attacks, while ransomware developers received a tidy sum per successful breach.

This subscription-based business model revolutionised the speed and scale at which ransomware software could be launched, allowing cybercriminals to carry out bigger, bolder attacks.

For example:

  • The WannaCry attack in May 2017: infected over 300,000 computers in 150 counties (including NHS servers, leaving doctors unable to access patient data). 
  • The attack on the global aluminium producer Norsk Hydro in 2019: cost the company around £45 million, and caused profits to plummet by 82%.
  • The 2020 ransomware attack on the London Borough of Hackney: shut down networks and disrupted services including housing and benefits payments.

Ransomware: some stats and facts

Unfortunately, there’s no sign of ransomware's success rate slowing down just yet. Or of cybercriminals showing any scruples when targeting businesses.

What's more, the start of the COVID-19 pandemic in January 2020 galvanised further attacks as cybercriminals exploited vulnerabilities in remote workers' virtual private networks (VPNs).

2022’s 'The State of Ransomware' report found 66% of the medium-sized organisations Sophos surveyed were attacked in 2021, almost double the numbers of the previous year (37%).

Of those, 65% saw their data encrypted (up from 54% in 2020). And of the 46% who paid the ransom, just 4% got their data back.

On the flip side, the report also found 83% had purchased cyber insurance with cover for ransomware attacks.

A necessary fix considering ransomware attacks cost businesses an average of $1.4 million (around £1.08 million) and a month to recover from.

Do I need cyber insurance for a ransomware attack?

Yes. For a few good reasons.

Most data breaches are down to human error. Something as simple as falling for a fake email or failing to run a security update on your computer.

Training your staff up on cybersecurity measures and installing an anti-virus programme are all good preventative measures. But they’re never watertight.

And they won’t help you when you’ve fired your computer up on Monday morning to see a flashing sign demanding £50k in Bitcoin in the next 48 hours or risk a total data wipe-out…and that’s before you’ve even had your first cup of coffee.

In that situation, cyber insurance is a godsend. It hires a whole team of IT, legal and PR experts to help put a stop to the attack and clear up any messy after-effects.

In the meantime, your policy covers your business interruption losses. Some will even provide a vital cash injection from day one of an attack.

In short, a cyber policy does everything to keep you going until you’re back on your feet.

Does cyber insurance cover ransomware attacks?

Assuming your cyber policy covers cybercrime (and you should check it does), then it should also include ransomware coverage.

That aside, it’s good to understand what cyber insurance is and what it covers.

As for the clean-up costs of most ransomware insurance claims, here's a prime example:

  1. Your systems are breached. Your insurer hires a skilled negotiator to make contact with the hackers. £4,000
  2. The hackers refuse to lift the attack or lower the ransom. Your insurer pays the whole amount. £20,000
  3. A crisis management team advises on how to best communicate the data breach to your clients.£3,500
  4. A forensic expert trawls through your systems, finding and fixing the breach which allowed hackers to enter. £17,000
  5. Your policy compensates you for five days of business interruption. £3,000

Total cost: £47,500

How can I protect against a ransomware attack?

The truth is you can’t. Not completely. But there’s plenty you can do to reduce your chances of coming a cropper with one.

Ransomware doesn’t appear from nowhere. Often, it’s piggybacked into your servers via dodgy files and links embedded in spam and phishing emails.

Dubious software, plugins, file extensions, and app downloads can be infected with ransomware too. A cybercriminal can even download it to a USB stick and leave it lying around your office for a hapless employee to pick up.

Training your staff up on phishing, pharming, and social engineering techniques will help them stay on top of the latest bevvy of cyber threats.

Investing in a good anti-virus software programme is also a must. As is running frequent software and operating system updates to prevent hackers from exploiting vulnerabilities across your devices.

Oh, and in an ideal digital world, you wouldn’t have to pay ransom fines for your data as you’d already have it backed up in the first place.

That’s plenty to be getting on with, we think. But if you ever need advice on protecting against ransomware, the NCSC has it in spades.

Mitigating malware

Frankly, ransomware is a complex threat, and one we’ll all have to live with for a long time yet. At least with ransomware coverage, your business has a fast-track route to dealing with it.

If you have more questions about cyber insurance, you can call our friendly advisers on 0345 222 5391.

Image used under license from Shutterstock.

If you liked this, you might like these...

Do I need terms and conditions?
Not sure if your business needs to have terms and conditions? Here's a run down of the who's, what's, where's, and how's of Ts & CS.
How to protect yourself against identity fraud
Knowing how to protect yourself against identity fraud can save you a lot of trouble. Here's how to stay safe when using the web.
Why turnover matters for your insurance
Here's why your turnover matters and why it's important to keep your insurer in the loop. Especially when it comes to renewal.

More Advice, News & Know-how