Cyber threat is one of the most significant risks facing UK businesses and is on the increase. Government figures in 2015 revealed 81% of large businesses and 60% of small businesses had suffered a cyber security breach.
Cyber claims statistics from 2013 – 2016 show cyber extortion and ransomware to be the fastest growing cybercrimes.
From 2013-16 encryption ransomware claims accounted for 16% of known claims and a further 4% related to other cyber extortions.
“For the first nine months of 2016 we had a lot of notifications from businesses that were victims of ransomware type attacks, and nearly all them had extortion elements to them as well,” says Kathy Avery, Financial Lines Major Loss Adjuster. “A lot of quite small businesses have been affected.”
One example involved an online gardening business. The owners discovered ransomware had infiltrated their computer and was encrypting files, making it impossible to contact customers and access invoices. They believed they had no choice but to pay the ransom in order to unlock their files.
Such ransom demands are often small, usually paid in Bitcoin, but can be lucrative given the high frequency of attacks. Malicious hackers are thought to have generated around $325m in revenue over the past three years by using ransomware software known as CryptoWall, according to research by the Cyber Threat Alliance.
The Internet of things
The Internet of things, refers to the huge number of everyday devices with the ability to gather data through built-in sensors and transmit over the Internet. For example Smart TVs, CCTV cameras, digital video recorders, smart thermostats, webcams and home routers to name just a few. A threat currently worrying experts is a large scale DDOS (Distributed Denial of Service) attack on such devices resulting in widespread disruption. Such attacks are on the increase, up 138% year on year, according to Akamai’s latest State of the Internet/Security Report.
Latest statistics show cyber extortion and ransomware to be the fastest growing cybercrimes.
For those affected by ransomware or Denial of Service attacks, business interruption costs are highest during peak trading periods. In one particular case, although the ransom demand was only £262, the business interruption claim for the company concerned was in seven figures, as their website was taken down over a weekend.
Whilst cyber-attack, and more specifically ransomware, is on the increase, many businesses, of all sizes, still do not fully understand the risks involved or the need to have robust cyber security in place. They also currently tend to over-estimate the extent to which their existing insurance provides cover.
From a severity perspective, business interruption and data breach will continue to be significant drivers of loss now and into the future. If your business holds sensitive customer details, relies heavily on IT systems and websites, and/or processes payment card information, the threat of cyber attack is very real.
As your insurance broker, we can help protect your vulnerability to cyber threat by arranging cover against a wide range of risks, including business interruption, theft of intellectual property, loss of income, damage management or recovery / repair to corrupted or lost files, reputational damage and more.
We work with a panel of insurers who provide Cyber coverage and we will work with you to identify which cover suits your needs best.
– UK Cyber Security: The role of insurance in Managing and Mitigating the risk.
– March 2015 HM Government
– AIG Claims Intelligence Series: Behind the numbers:
Key drivers of cyber insurance claims
– Hiscox Cyber Readiness report 2017
– Insurance Age Cyber Article 27.4.16