15 May 2017Insurance

‘WannaCry’ ransomware cyber-attack exposes protection gap

Major ransomware worm attacks such as the recent one dubbed ‘WannaCry’ which hit several organisations such as the UK’s health care system NHS and Spain’s telecoms firm Telefonica are expected to become more frequent and expose the protection gap in the global economy, according to experts.

A massive ransomware worm caused damage across the globe over the past weekend, stopping car factories, hospitals, shops and schools.

Unlike the US, where the cyber insurance market is comparatively well developed, elsewhere in the world such attacks may leave affected organisations with millions of dollars of losses due to a low take-up of cyber insurance cover.

“Cyber is a relatively new type of insurance cover, penetration into the public sector is likely to be low,” specialist insurer Beazley said in a statement. Public sector organisations have historically under-invested in technology and security, the firm added.

Ransomware attacks are very difficult to defend against – backups are really the only defence, Beazley said.

“The main costs of such an attack are business interruption, costs of recovering from backups,” the insurer noted.

The industrial-scale global cyber-attacks with 200,000 victims across 150 nations including Britain’s National Health Service and the Russian Federation’s Interior Ministry were no freak coincidence, said risk management software and services company Russell Group.

“Organisations need to boost their software upgrades to bolster defences against such risks, while governments need to accelerate the process of regulation in an increasingly vulnerable connected world,” said Russell Group managing director Suki Basi.

The overall cost of getting businesses going again could run into the billions of dollars, with companies in Europe, including Russia, and Asia particularly vulnerable, Reuters reported May 15.

Nearly nine out of 10 cyber insurance policies in the world are in the US, according to Kevin Kalinich, global head of Aon's cyber risk practice. The annual premium market stands at $2.5-$3 billion, according to the Reuters report.
An early introduction of state breach notification laws has driven the development of the cyber insurance market in the US.

Greater transparency motivated companies to buy cover to protect them from damages they were required to report. An upcoming European Union directive is expected to have a similar effect.

Companies that were not prepared for WannaCry can expect to rack up business interruption costs that far exceed a ransomware payment, Reuters cited Kalinich as saying.

A recent study by US insurer AIG showed that nine in 10 global cyber security and risk experts believe that cyber risk is systemic.

Industries most likely to face a systemic attack in 2017 include: financial services (19 percent), power/energy (15 percent), telecommunications/utilities (14 percent), healthcare (13 percent) and information technology (12 percent).

More than one-third estimate the likelihood of a simultaneous attack on as many as 50 companies at greater than 50 percent in the next year.

Around 20 percent of experts see an even greater threat, predicting a better than even chance that as many as 100 companies will be attacked.

Michelle Crorie, partner at law firm Clyde & Co, commented: "Data breaches and cyber hacks are now one of the biggest threats large businesses are facing around the world."

Today’s stories

Generali appoints former AXA P&C chief Granier as new CEO of France

LV= confirms receiving offers for general insurance operations

Cigna and Anthem battle over $15bn damages in failed merger deal

Gen Re gets approval for reinsurance branch in India; appoints CEO

International retail and Hannover Re drive Talanx Q1 growth

LMA and ABI call for 'fair' framework for discount rate

Former DARAG CEO Gossmann reappears as SOVAG restructures

Did you enjoy reading this story?  Sign up to our free daily newsletters and get stories like this sent straight to your inbox.

Already registered?

Login to your account

To request a FREE 2-week trial subscription, please signup.
NOTE - this can take up to 48hrs to be approved.

Two Weeks Free Trial

For multi-user price options, or to check if your company has an existing subscription that we can add you to for FREE, please email Elliot Field at efield@newtonmedia.co.uk or Adrian Tapping at atapping@newtonmedia.co.uk


More on this story

Insurance
21 August 2017   Cyber insurance is increasingly becoming a growth driver for German commercial insurer HDI Global, according to CEO Christian Hinsch.
Insurance
30 June 2017   On the back of the latest cyber-attack, hitting firms globally with ransomware, insurers are seeking the tools to understand and win the cyber war – and these vary from education of staff to levering the power of artificial intelligence.
Insurance
25 April 2017   Specialist insurer Beazley has managed an increased number of data breaches on behalf of clients in the first quarter of 2017, driven by phishing techniques.