Skip to main content

Cyber insurance payouts are incentivizing ransomware attacks

ransomware
(Image credit: Image Credit: WK1003Mike / Shutterstock )

Insurance is a great way to cover the expenses of a cyberattack, but most security professionals believe it only exacerbates the ransomware problem.

Polling 200 UK IT security professionals for the report, cybersecurity experts from Talion found that 70 percent believe insurance incentivizes payouts, which prompts criminals to redouble their efforts.

At the same time, Talion learned that most firms that don’t report ransomware incident to law enforcement agencies, because they’re either afraid of getting in trouble (for paying the ransom) or simply want to get back on track as soon as possible and believe the police would only slow them down.

“Organizations should be mindful that it is unlawful to make a payment to terrorist organizations or prescribed groups in breach of international sanctions,” explained Mike Brown, CEO of Talion.

“What is required is a clear legal framework that allows organizations to make the best, lawful, decisions when they are in this high-stress situation. Law enforcement needs to find a way to work with commercial organizations so that they are viewed as a source of expertise and support, not a further obstacle to overcome.”

More than a third of businesses worldwide have experienced at least one ransomware attack or a similar breach that blocked access to systems or data, in the past 12 months.