Posted on Nov 22, 2021
The Mail on Sunday has reported a cyber-attack on exclusive jewellery firm Graff. Cyber criminals are alleged to have leaked up to 69,000 confidential documents, including private details of David Beckham, Donald Trump, Oprah Winfrey and Sir Philip Green.
They are thought to have demanded tens of millions of pounds in ransom money to stop the release of further sensitive information.
In this article, we look at the recent increase in the size of ransomware demands.
As well as the Graff incident, ransomware attacks have really hit the headlines in recent months, with companies such as Colonial Pipeline, CNA, Toshiba and JBS all the victims of cyber criminals. In the case of Colonial Pipeline, significant disruption was suffered by the US East coast energy infrastructure network, and Colonial ended up paying a $4.4 million ransom.
We spoke to Lindsey Nelson, Cyber Development Leader at market leader CFC Underwriting, to hear her thoughts. She says she is not surprised that blue-chip companies can be targeted in this way.
“Criminals are going to go after companies who are vulnerable, providing them with the path of least resistance, rather than companies who are valuable,” says Lindsey. “But the large Fortune 500 or FTSE companies typically have the perfect combination of being both extremely lucrative, while unfortunately having limited barriers of entry for criminals to penetrate their networks.
“There can be several motivations behind criminal activity, ranging from political state actors to hacktivists to rogue employee scenarios, but largely what’s fuelling crime is financial gain. Blue-chip companies are often targeted either directly or through smaller subcontractors and suppliers to gain access to their systems.”
Equally, she says, as ransomware now largely involves an element of data exfiltration, allowing criminals access to financial information, including the net profits of a company, it easily enables them to ask for a larger monetary demand by way of extortion.
“Larger companies also tend to be incentivised to pay the ransom demands quickly due to the fear instilled by either strict fines or penalties under privacy legislation and to avoid subsequent negative publicity from the media resulting in customer attrition,” adds Lindsey.
Frequency and severity on the increase?
We often hear repeated in the wider media that both the frequency and severity of cyber-attacks (not limited to ransomware demands) are on the increase. As far as Lindsey is concerned, this picture is not necessarily an accurate one.
She says, “Everyone in the insurance industry will have a vested interested in keeping both frequency and severity of cyber claims down. However, unlike some of the headlines, the frequency of cyber claims hasn’t increased in a significant way relative to the increase in the number of policyholders.
“What we are concerned about is the severity of cyber claims due to proliferation of ransomware attacks against businesses, and the extraordinary extortion demands making the headlines which, in a relatively young line of insurance, can easily overtake the profitability of cyber as a line of business.
“Long gone are the days of WannaCry where the average demand was £300 per victim; it’s not unusual these days to see extortion demands of up to £1M per victim, and that’s true across any industry, territory or size of business.”
Managing cyber risk
However, she adds, while it’s not possible to stop cyber-crime in the foreseeable future, there are ways to appropriately manage it across client, broker and insurer channels. “Cyber insurers are increasingly seeing the benefit of providing continuous scanning services on behalf of their policyholders to find vulnerabilities specific to their business, driving the frequency of claims down and helping shut a company’s digital windows and doors closed. Providing an experienced, multi-disciplinary – and crucially – in-house incident response team will also help.”
Do you need Cyber Insurance? Find out by speaking to our helpful team today who can help find you the best policy for your needs. Call us on 02920 626 226 or email insurance@watkindavies.com
"Very efficient, always friendly and helpful. I have used Watkin Davies for years, and they have always been competitive. I received great support recently when I had to make a claim, so I'd highly recommend them."
"I was very impressed with the quality of the service - it was outstanding. The advisor, Ms Spear went above and beyond to give me the best driving insurance policy. The policy I have received is exactly what I was looking for. Thank you so much Ms Spear!"
"I've used Instructorcover Plus for my driving instructor insurance for a number of years. Not only are prices competitive, even at renewal, but customer service is fantastic. Call operators are always cheerful and incredibly helpful. Everything is always sorted in a single call, saving valuable time. Highly recommend."
"Absolutely superb service from the team, particularly Natalie. Very easy and simple process"
"As aways very efficient"
"I have used InstructorcoverPlus for my driving tuition insurance for a number of years. Their prices are always competitive and everyone I speak to is friendly and helpful."
"Ceri was very helpful and knowledgeable on the phone"
"Karrie Brewer was so helpful today, especially as one insurance company would not quote, so had to shop around for us, many thanks"
"Kelly is amazing. Very helpful and friendly, did a great job today with helping me out to get insured. Amazing service!"
"Great service. Got my first driving instructor insurance with this firm. Price was competitive and customer service provided by Jane was great. I will definitely recommend the service."
"Team were very helpful when it came time to renew my policy, taking the time to check and make any amendments needed. Would highly recommend."
"5 stars!"
"Excellent service from Watkin Davies as per usual. I love the way they do all the hard work researching best quotes and provide you with your options. All the staff are very friendly and professional, I have to highlight Ceri who always does a fantastic job for me and my family."
"Really helpful and efficient customer service, friendly and knowledgeable too. I would highly recommend InstructorcoverPlus."
"I m a returning customer and what a wonderful experience. Emma is new to her role but she was very helpful and polite throughout. She got the quote done very quickly and managed to beat all my other quotations. I therefore didn't have to waste any more time. Further she offered me three instalments at 0% which is helpful in this current economic climate. The paperwork was sent straight away. Highly recommended."
"Once again, could not have been more helpful! Still a pleasure to speak to a 'real person' who knew what they were talking about!"