Ransomware Insurance? Check The Fine Print

Share post:

Ransomware insurance is slowly gaining prominence in the market as a means to enhance protection against the devastating effects of a ransomware attack. 

Depending on the vendor, a ransomware policy may cover loss of income if the attack disrupts operations, or loss of valuable data. Other policies may also cover extortion by refunding the ransom paid to cybercriminals.

The exact payout and terms are stated in the policy document, or the “fine print.” Fine prints also contain exclusions, which are circumstances under which the policy won’t pay out. This is where the problem lies.

For instance, a policy may require that its customer complies to minimum efforts to protect their systems against ransomware. Moreover, a notification clause is usually included in the contract that requires users to notify their insurance vendor about the attack at the soonest possible time.

Another common exclusion is war-related, where insurers refuse to pay out on a claim if the damage was because of war, or war-like actions. Currently, this is the most controversial item in the pipeline.

The first matter for discussion is to agree on the definition of war.  When does an act of aggression qualify as a war-related activity? Another issue is attribution because cyber attackers tend to disguise themselves and do not openly admit their involvement in an attack.

Also, in the event of a ransomware attack, how does the insurer – or the claimant – prove the organization responsible for the attack and their motivation? Can that be found out at all? 

Furthermore, ransom demands come in the millions, while damages could be as high as a billion dollars. Out of self-interest, insurance vendors will try to find any possible reason to refuse to pay a claim. In fact, most of these claims are commonly contested in court.

The outcome of these cases are uncertain and may take very long to resolve.

For more information, read the original story in Thehackernews.

SUBSCRIBE NOW

Related articles

Russian State-Backed Cyber Attack Exploits Zero-Day Vulnerabilities in Windows and Firefox

Headline: A sophisticated cyberattack leveraging two chained zero-day vulnerabilities in Mozilla Firefox and Microsoft Windows has been confirmed by...

Starbucks Forced to Pay Baristas Manually After Ransomware Attack

A ransomware attack on Blue Yonder, a third-party scheduling software provider, has disrupted Starbucks’ ability to manage employee...

Amazon Workers to Strike Globally on Black Friday Over Rights and Climate Action

Amazon workers across more than 20 countries are set to protest or strike during the Black Friday and...

Google Launches Free Cybersecurity Certificate for Entry-Level Jobs

Google has introduced a new Cybersecurity Professional Certificate, aimed at preparing students for entry-level roles in just six...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways