The Rising Cost of Ransomware Insurance Claims

2023 was a year of major ransomware attacks, especially in Canada, where the average ransom payment rose above $1 million CAD. According to a poll conducted by Palo Alto Networks, the average ransom paid increased from about $450,000 in 2021 to $1.13 million in 2023. With ransomware continuing to grow more profitable, it is no surprise that the number of ransomware groups also increased by 34% between the first and last quarter of 2023. Experts predict that 2024 will see the same growth in ransomware, as bad actors continue to develop new attack methods and profits remain high.

What does this mean for Cyber Insurance for Ransomware?

Due to the global increase in ransomware attacks, cyber insurance claims for ransomware have also become more frequent and costly. According to a report by Allianz Commercial, ransomware insurance claims are expected to increase by around 25%. In 2023, an analysis from San Francisco-based Coalition found that ransomware was the largest driver of the increase in claims frequency. Overall, ransomware was involved in nearly 1 in 5 cyber incidents involving insurance claims. Several different factors are contributing to the rise in ransomware insurance claims. This blog will outline the reasons for the increase in ransomware insurance claims and how it will affect the cost of cyber insurance in 2024.

Increasing Frequency of Ransomware Attacks

The leading reason for the increase in ransomware insurance claims is the simple fact that ransomware attacks have become more prevalent in recent years. Businesses of all sizes and industries are being attacked with many different ransomware tactics used to exfiltrate data and extort money. Cybercriminals often exploit vulnerabilities in computer systems or use phishing emails to deliver ransomware payloads.

The high profits and ease of entry for ransomware crime continue to attract more and more cybercriminals to ransomware groups. This is partially due to ransomware becoming more accessible on the dark web, as well as the proliferation of Ransomware-as-a-Service (RaaS) and Malware-as-a-Service (MaaS) platforms. All of these factors lead to an increase in ransomware attacks, and subsequently an increase in ransomware insurance claims.

Growing Sophistication of Ransomware

Another reason for the increase in ransomware insurance claims is that ransomware attacks have evolved to become more sophisticated. Many modern ransomware attacks employ advanced encryption techniques and tactics to bypass security measures. Some common ransomware attacks involve double or even triple extortion tactics. For example, before encrypting data, the ransomware actors use data exfiltration to steal files and threaten to leak sensitive information publicly if companies refuse to pay the ransom. Data exfiltration can sharply raise the costs of a cyber insurance claim because this type of data hijacking takes a long time to resolve and is very costly.

Moreover, breaches that take a long time to be detected can be up to 1000 times more expensive than those that are detected right away. As a result, organizations may find it challenging to prevent or mitigate the impact of such attacks without adequate cybersecurity measures in place. For these reasons, the sophistication of ransomware attacks is another key driving factor in the increasing cost and frequency of ransomware insurance claims.

Rising Costs of Ransom Payments and Recovery

In addition to the increase in frequency of ransomware attacks, the demands for ransom payments have also escalated over time, with cybercriminals targeting high-value organizations and demanding larger sums of money. The $1.1 billion tally of ransoms paid in 2023 nearly doubled the $567 million in 2022, and this amount is likely to increase in 2024 if businesses do not start implementing strong cybersecurity measures against ransomware.  

Similarly, the costs associated with restoring systems, recovering data, and mitigating reputational damage can be significant, prompting affected parties to file insurance claims to cover these expenses. Not including the payouts, the average cost of a ransomware attack – including detection and escalation, notification, post-breach response, and lost business – rose to $5.13 million in 2023, which represents a 13% increase from 2022. All of these additional costs lead to increased ransomware insurance claims, which will likely increase the entry cost of cyber insurance in 2024.

Increased Awareness of Cyber Insurance

As businesses become more aware of the potential financial losses resulting from ransomware attacks, there has been a corresponding increase in the uptake of cyber insurance policies. These policies provide coverage for various costs associated with cyber incidents, including ransom payments, legal fees, forensic investigations, and business interruption losses. 

As of December 2023, 34% of US organizations had a standalone cybersecurity insurance policy, and 43% of SMEs bought cyber insurance to transfer risk. In Canada, 39% of respondents had cyber insurance in 2022. The cyber insurance market is expected to continue to grow along with the rate of ransomware attacks.

Additionally, some industries may face regulatory requirements mandating cyber insurance coverage or imposing penalties for data breaches. Compliance with these regulations may drive organizations to invest in cyber insurance as part of their risk management strategy. All of these factors may lead to an increase in the cost of ransomware insurance.

Wrapping Up

In conclusion, this evolving landscape of ransomware attacks poses significant challenges for businesses and insurers alike. The rising number of ransomware cyber insurance claims underscores the growing threat posed by ransomware attacks and the importance of robust cybersecurity measures and risk mitigation strategies for businesses and individuals.

As these malicious incidents grow in frequency and cost, the cyber insurance industry must inevitably adapt to effectively manage the associated risks. This adaptation may come in the form of increased premiums, tighter underwriting standards, and revisions to policy terms. Organizations must prioritize cybersecurity measures and consider cyber insurance as a crucial component of their risk management strategy. By investing in robust defenses, staying informed about emerging threats, and working closely with insurers to understand coverage options, businesses can better protect themselves against the financial and reputational impacts of ransomware attacks in an increasingly digital world.

