Help

BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

Insurers run from ransomware cover as losses mount

Reprints
ransomware

(Reuters) — Insurers have halved the amount of cyber cover they provide to customers after the pandemic and home-working drove a surge in ransomware attacks that left them smarting from hefty payouts.

Faced with increased demand, major European and U.S. insurers and syndicates operating in the Lloyd's of London market have been able to charge higher premium rates to cover ransoms, the repair of hacked networks, business interruption losses and even PR fees to mend reputational damage.

But the increase in ransomware attacks and the growing sophistication of attackers have made insurers wary. Insurers say some attackers may even check whether potential victims have policies that would make them more likely to pay out.

“Insurers are changing their appetites, limits, coverage and pricing,” said Caspar Stops, head of cyber at insurance company Optio. “Limits have halved – where people were offering £10 million ($13.50 million), nearly everyone has reduced to five.”

Lloyd's of London, which has around a fifth of the global cyber market, has discouraged its 100-odd syndicate members from taking on cyber business next year, industry sources said on condition of anonymity. Lloyd's declined to comment.

U.S. insurer American International Group Inc. also said in August it was cutting cyber limits.

Ransom software works by encrypting victims' data and typically hackers offer victims a passcode to retrieve it in return for cryptocurrency payments.

It has become the attack of choice for cybercriminals, who previously favored stealing data and selling it to third parties.

Suspected ransomware payments totaling $590 million were made in the first six months of this year, compared with the $416 million reported for all of 2020, U.S. authorities said in October.

In one of the biggest heists, a ransomware attack on Colonial Pipeline in May shut the largest fuel pipeline network in the United States for several days.

U.S. cyber insurers' profits shrank in 2020, insurance broker Aon PLC found. Combined ratio — a measure of profitability in which a level of more than 100% indicates a loss — climbed by more than 20 percentage points from 2019 to 95.4%.

While insurers struggle to cope, companies are underinsured.

"It's very unlikely people are getting the same limits - if they are, they are paying an extraordinary amount," said David Dickson, head of enterprise at broker Superscript.

Insurers that issued $5 million cyber liability policies last year have scaled back to limits of between $1 million and $3 million in 2021, a report last month by U.S. broker Risk Placement Services found.

A European Union report released in October said the COVID-19 pandemic and rise of home working had enabled cybercriminals to flourish.

Meanwhile, cyber security company Coveware likened the 90%-plus profit margin from ransomware attacks this year to the gains Colombian cocaine cartels made in 1992.

Where hackers previously took a scattergun approach with methods such as sending out thousands of phishing emails, they have become more targeted, reading balance sheets and focusing on specific sectors.

Tom Quy, cyber practice leader at reinsurance broker Acrisure Re, said attacks were moving away from health care facilities and municipalities — which have weak IT controls but also little money —to manufacturing and logistics companies.

Such companies have deep pockets and cannot afford extended outages to fix their systems, so would rather pay ransoms, especially if they have insurance to cover them.

"We advocate to everyone you don't disclose your insurance because that's crucial to your business," said Scott Sayce, global head of cyber at Allianz Global Corporate & Specialty.

Premium rates have almost doubled in the United States and jumped by 73% in Britain as a result of the frequency and severity of ransomware attacks, insurance broker Marsh said. RPS said rates for some policies had risen by as much as 300%.