When it comes to ransomware, there may be some good news.
Companies are becoming more resilient against attacks, and hackers are increasingly extorting ransoms from them.
That’s one of the findings from insurance broker Marsh’s analysis of more than 1,800 cyber insurance claims received in 2023 from clients in the U.S. and Canada.
According to Marsh, less than 20% of the claims the company received last year involved ransomware attacks. Instead, claims were more often driven by other factors. These factors included “increasing sophistication of cyber attacks, MOVEit events that highlighted supply chain vulnerabilities, and privacy claims.”
Additionally, in 2023, less than a quarter (23%) of all companies that submitted a claim paid the ransom demand, down from the previous year.
We suspect that executives are becoming more sophisticated in their techniques to mitigate the impact of ransomware attacks, and that companies are taking better resilience measures.
As a result of this improved mitigation, businesses are less likely to be completely paralyzed by a ransomware attack and may be able to continue operating, even if at a reduced capacity.
And as Marsh explains, improved resilience can inevitably have a direct impact on a company’s decision as to whether or not to pay a ransom to an extortionist.
Of course, this is not to say that ransomware isn’t still a top concern for insurers and their customers – in fact, it remains a threat that must be taken seriously, given the potentially significant financial impact, damage to a company’s reputation and market share, and the risk of litigation and regulatory scrutiny in the longer term.
According to a Marsh report, the median ransom demand has soared from $1.4 million last year to a record high of $20 million. Does this indicate that ransomware attackers are getting greedier? Or more desperate?
It has been reported that businesses around the world have paid out $1.1 billion in ransomware payments – a figure that may come as a surprise to some, given that many attackers are based in Russia and financial sanctions could pose difficult legal challenges for businesses.
But the headline news is that many of the extorted businesses are refusing to pay the ransomware attackers.
And that must be good news for all of us.
The less likely cybercriminals feel they are to succeed in extorting a ransom, the more likely they are to redirect their illegal activities in another direction.
Editor’s note: The opinions expressed in this guest author article are solely those of the contributor and do not necessarily reflect those of Tripwire.
