Payouts from insurance policies may fuel ransomware attacks

ABC News | 9/20/2019 | Staff
liizu (Posted by) Level 3
Click For Photo: https://s.abcnews.com/images/Technology/WireAP_9510408812884cc2a553c870bf12c930_16x9_992.jpg

The call came on a Saturday in July delivering grim news: Many of the computer systems serving the government of LaPorte County, Indiana, had been taken hostage with ransomware. The hackers demanded $250,000.

No way, thought County Commission President Vidya Kora. But less than a week later, officials in the county southeast of Chicago agreed to pay a $132,000 ransom, partially covered by $100,000 from their insurance provider.

Decision - Kora - Employees - Nothing

"It was basically an economic decision," Kora said. "How long do you keep all these employees sitting, doing nothing? Whereas if you pay this, we can be back up and running."

That's precisely the calculation hackers count on. Now some cybersecurity professionals are concerned that insurance policies designed to limit the damage of ransomware attacks might be encouraging hackers, who see insurers covering increasingly large ransoms and choose to target the type of institutions likely to have coverage.

Formula - Tyler - Moore - Security - Professor

"Once a cybercriminal finds a formula that works for them, they're going to stick to it," said Tyler Moore, a cyber security professor at the University of Tulsa. "If you're a company or a city that has this coverage, the decision of whether to pay is quite clear. It gets more difficult when you take a step back and look at the societal view."

This year alone, the average ransom payment climbed from $12,762 at the end of March to $36,295 by the end of June — a 184% jump — according to Coveware, a firm that negotiates on behalf of ransomware victims.

Officials - Insurers - Help - Ransoms - Hacks

Officials have cited insurers' help paying ransoms in recent high-profile hacks, including those in several Florida cities that paid six-figure ransoms. Elected officials reassured the public that taxpayers were only accountable for a deductible.

The mayor of New Bedford, Massachusetts, acknowledged this month that city officials offered to pay $400,000 after ransomware locked up 158 city computers in...
(Excerpt) Read more at: ABC News
Wake Up To Breaking News!
Sign In or Register to comment.

Welcome to Long Room!

Where The World Finds Its News!