Chubb Ltd is one insurer among at least three companies that are facing increase in costs related to claims from ransomware attacks. The company mainly serves wealthy families and corporations. And the rising value of bitcoin has been blamed by the company for the rising incidents of ransomware attacks because the cryptocurrency is the most preferred one for hackers.
Michael Tanenbaum, an executive vice president at Zurich-based Chubb that as criminals seemingly are scrambling for bitcoin, the firm has noticed “a massive escalation” not only in the number of ransomware hacking attempts but also in the amount of money being demanded. “The rise in price of bitcoin correlates,” he said in an interview, declining to specify total costs.
Heh said that earlier, the maximum amounts for corporate ransomware was about $17,000 but by midyear this year, more than $1 million was the maximum levels of payouts in corporate ransomware attacks.
Ransomware is a form of malicious software which demands money in exchange of access to computers and data therein which are blocked by the malware. There has bene an explosion of hacking for money and includes high profile incident like the WannaCry attack that took place earlier this year, say security firms. A unique view of the incidents for which money has to be paid exists with insurers, specifically in the most expensive cases.
Generally, facilitating cryptocurrency payments and investigating perpetrators is entrusted with enlisted third-party specialists, like Kivu Consulting and Navigant Consulting. And for such third parties, there is booming business.
Winston Krone, a global managing director who oversees Kivu’s ransomware services said that payouts have become larger because hackers have become emboldened by the rise in prices for bitcoin. He said that virtually every week, there are demands for $250,000 to $500,000 which were never heard of earlier.
“We can make immediate payments of six figures,” Krone noted. The company that he runs ensures that the corporate deals with only hackers and not come terrorist groups through a multilingual team for holding negotiations with the hackers, so that they do not fall on the wrong side of U.S. laws. Otherwise, he said, that it is ultimately the decision of the customer to pay the ransom. “The ethics of paying ransoms and paying criminals, we take a neutral stance.”
But, according to Christiaan Beek, leader of the strategic threat intelligence research for McAfee Inc., the cybersecurity firm, while bitcoin rallies, adjustment to the bitcoin denominated demands have not been able to be adjusted to by some hackers.
“Because the price of bitcoin has seen a dramatic spike in the latter half of 2017, it has made the overall price of demands much larger,” said Kimberly Horn, an executive at insurer Beazley Plc. The firm is engaged in claims related to breach-response and information-security.
(Adapted from Bloomberg)