Reinsurance News

Ransomware incidents up threefold in 2019, as costs escalate: Aon

20th November 2019 - Author: Matt Sheehan

Ransomware incidents rates have increased threefold since Q4 2018, according to a new report from Aon, with average costs escalating at a similar rate.

The Cyber Practice Group of Aon’s Reinsurance Solutions business found that the costs of ransomware attacks continued to increase across all sectors this year, with payments tripling from an average of $12,762 to $36,295 in the second quarter alone.

This cost accounts for both recovery expenses – including ransom payments, forensic fees and assistance rebuilding servers – and downtime costs.

The average downtime increased from 7.3 days in Q1 to 9.6 days in Q3, and Aon noted that these costs are typically 5-10 times larger than the actual ransom amounts, due to lost productivity and revenue opportunities.

Analysts largely attributed these trends to the growth of ransomware as a service (RaaS), which has played a key role in raising downtimes as well as frequency.

RaaS allows even novice hackers and black hat operatives to adopt traditional Software as a Service (SaaS) models to enable criminal enterprise

Cybercriminals may write ransomware code and sell or rent it under an affiliate program for a quick profit to others intending to launch an attack, or even offer an entire platform to manage ransomware campaigns.

Aon’s report seems to support recent findings from Beazley, who reported a 37% increase in ransomware attacks from Q2 to Q3 this year, with cyber criminals increasingly looking to exploit weak security programs of IT vendors

Beazley found that 24% of ransomware incidents originated with attack on an IT vendor or managed service provider (MSP), with small businesses making up 63% of all ransomware incidents in the first nine months of 2019.

Willis Towers Watson similarly reported last week that primary and excess cyber renewals are currently averaging premium increases in the 5-10% range, driven by an explosion of ransomware losses during the second half of 2019.

The firm also observed an increase in the cost of data breaches, but stated that the main drivers were reputational and regulatory costs.

Aon, on the other hand, believes that RaaS has contributed to more significantly to upward trends in both frequency and severity of claims, due to less reliable data recovery and ransom payment success rates.

Analysts argued that less reliable data recovery is symptomatic of novice hackers utilizing RaaS models, noting that data recovery is becoming less certain despite the fact that as many as 96% of organisations that pay a ransom receive working decryption tools.

Print Friendly, PDF & Email

Recent Reinsurance News

Getting your daily reinsurance news from Reinsurance News is a simple way to receive only the reinsurance industry news that matters, delivered directly to your email inbox.

  • Only email is mandatory, but the more you tell us about yourself the better we can serve you in future!
  • This field is for validation purposes and should be left unchanged.

By submitting the form you are giving your consent to be emailed by us.

Read previous post:
Optio enters political risk market, backed by Hiscox

Optio Group, which is comprised of MGAs Ascent Underwriting, Cove Programs and broker Bay Risk Services, has announced the launch...