Organisations that fall victim to a ransomware attack shouldn’t let the cyber criminals know they have cyber insurance – because if the attackers know that their victim holds an insurance policy, they’re more likely to outright demand the ransom payment in full.
Cybersecurity researchers at Fox-IT, part of NCC Group, examined over 700 negotiations between ransomware attackers and ransomware victims in order to analyse the economics behind the digital extortion attacks that demand a ransom payment – often millions of dollar in Bitcoin – in exchange for the decryption key.
The cyber insurance industry is likely to go mainstream and is a simple cost of doing business. Here are a few options to consider.
They found that if the victim has cyber insurance and that the attacker knows about it, then there’s little manoeuvre for negotiating for a smaller ransom payment, because the attackers will exploit the existence of the cyber insurance to cover the payment they’re demanding.
SEE: A winning strategy for cybersecurity (ZDNet special report)
“Look, we know about your cyber insurance. Let’s save