Close

Get in Touch

Contact us to learn more about our elite cybersecurity services and industry-leading technologies.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Close
Breachquest

Emergency Incident Assistance

Is your network under attack? Get in touch with a
BreachQuest Specialist right away with this form.

You can also reach us by calling our 24/7 hotline.

+1 888 409 5811

Or start a chat with a specialist now.

Live Chat

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

You can also reach us by calling our 24/7 hotline.

+1 888 409 5811

Or start a chat with a specialist now.

Live Chat

Great News for Cyber Insurance Market, or Just a Sign of the Times?

11.05.21
By: BreachQuest

Last week Corvus released their Risk Insights Index for 2021 Q4. From Q4 2020 through to Q2 2021, there was an increase in ransomware claims. But then in Q3 2021, there was a drop of 50%.  Corvus said that this was due to a shift in how organizations were looking at cybersecurity, but we believe it might be more than that. Michael Hill at CSO Magazine spoke with various people in the cyber insurance industry, and all were hopeful that this signaled a start of a new era, where insurers work alongside cyber security services to minimize exposure to ransomware attacks or cyber security issues for policyholders by initiating risk mitigation strategies.

While we are hopeful that this drop is based on the increased security posture of our clients, we want to urge caution.

Law Enforcement Actions

This week the confirmation that the US government, alongside other nations, hacked and crippled one of the most well-known ransomware gangs REvil (aka Sodinokibi).  Lisa Vaas in Threatpost breaks down the timeline of the law enforcement’s hack on Revil’s payment site, chat site, and negotiation portal in July 2021.  Even the recent dark web activity attributed to them is now thought to have been law enforcement trying to catch their associates.

BreachQuest’s own Jake Williams said in this CSO article: “Given the law enforcement actions against REvil and saber-rattling by the US government, it’s not surprising that ransomware claims have dropped off in Q2 and into Q3. The statistic that ransomware claims involving payment dropping in Q3 are undoubtedly correct, though there may be some misattribution of the cause.”

From Russia with Love

In July 2021, President Biden had a telephone conversation with President Putin. “I made it very clear to him that the United States expects when a ransomware operation is coming from his soil, even though it’s not sponsored by the state, we expect them to act if we give them enough information to act on who that is,” Biden said. Jake Williams explained it best to Jonathan Grieg from ZDNet in July: “The Russian government didn’t care about the cybercrime occurring within its borders as long as it didn’t impact Russia itself. That has clearly changed – the Russian government can clearly see they are being impacted by the actions of these actors”.

OFAC Report

 

On October 15, the Office of Foreign Assets Control issued an advisory outlining the risks of paying ransoms. We outlined it in detail in Breaking Down Recent Updates in the US Treasury’s Fight against Cybercrime. With the federal government paying such close attention, stakeholders increasingly ask whether they have potential liability by paying. BreachQuest does not make ransom payments preferring instead to utilize our Remediation and Recovery team to address ransomware incidents. For those situations where payment is required, BreachQuest partners with reputable payment organizations, though OFAC’s guidance has undoubtedly modified our clients’ decision calculus.

Only Time Will Tell

While we want to remain optimistic, ransomware claims going down 50% in Q3 2021 seems less and less likely to be only a change in the data security posture of policyholders. It seems far more likely a perfect storm of the above scenarios.

Share this article:

Sign up for our newsletter to get more industry news and insights.

Related Insights

11.04.21

Ransomware in Decline?

Read more

11.04.21

Ransomware Gang, BlackMatter – Ceasing Operations

Read more