Marsh warns about potential financial impact of ransomware attacks
Marsh, the world’s leading insurance broker and risk advisor, is warning clients that ransomware attacks across the region are intensifying in both frequency and severity and advising them to take additional measures to protect their businesses.
With more people now working from home, cyber criminals are capitalising on the opportunities presented by less secure online environments and targeting remote workers, particularly with COVID-19 related phishing e-mails.
The pandemic has seen the cost and frequency of ransomware attacks explode, with the average amount now demanded by cyber criminals rising significantly – ransom demands attributed to Maze, a particularly sophisticated strain of Windows ransomware, have risen by a factor of six since the start of the coronavirus.
Worryingly, cyber criminals are increasingly targeting governments and healthcare organisations and, as the downtime from ransomware now averages 16 days, the impact and financial costs associated with remediation are growing exponentially.
Spiros Fatouros, CEO at Marsh Africa, commented: “Cyber criminals view ransomware as a lucrative business and are shifting the focus of their attacks from privacy breach to ransomware, which offers the potential for securing larger payments.
“The COVID-19 environment has cultivated the perfect conditions for more successful ransomware attacks: phishing e-mails that leverage pandemic-related topics, and less secure remote cyber security environments. From a business perspective, the financial and operational severity of ransomware is also increasing: the size of ransom demands are growing, operational downtime is becoming longer and remediation is now more complex.”
Marsh is advising that firms take a comprehensive approach to cyber risk management – one that combines appropriate cyber defences with broad insurance coverage and well-rehearsed resiliency plans.
Marsh participated at the ITWeb Security Summit on 2 June on the topic of 'Cyber Risk Quantification – from Risk Management to Risk Transfer'.