A new report from Black Kite shows the entire sector may be ripe for ransomware attacks.
While most people would not think of the insurance sector as a focus for cyberattacks, new findings show that the industry may have a serious security problem. The recently released Cyber Insurance Risk in 2022 report from Black Kite shows that 82% of the largest insurance carriers are the focus of ransomware attacks from cyber criminals.
The report, which examines rising cyber risk concerns and ransomware susceptibility in the insurance sector, found that 20% of the top 99 insurance carriers have a high rate of vulnerability to ransomware. In addition, the frequency of software supply chain attacks have been sharply on the rise, as the rate of hacks have increased by 300% in the last year alone.
“The sheer amount of data generated in the insurance industry makes the effort more worthwhile to cybercriminals,” said Jeffrey Wheatman, senior vice president and cyber risk evangelist at Black Kite. “Insurance companies tend to be larger organizations that can’t afford downtime. Imagine the outrage if a healthcare insurer could not pay claims or approve medical treatments for an extended period. As a result, they’re more likely to pay a ransom. Not all attacks are targeted, however. Sometimes cyber criminals just get lucky. If new malware is released, it’s a matter of low-hanging fruit.”
Cyber crime is profitable, and insurance is willing to pay
According to the report, ransomware attacks are not only increasing in their frequency and effectiveness, but also their profitability. As Wheatman alludes to, most companies in the insurance business are willing to simply pay a ransom to retrieve their data and avoid service outages. Per Black Kite’s findings, malicious cyber groups are cashing in, as the largest ransom paid to date by an insurance company totaled $40 million, with the average ransom coming in at $130,000.
“When asked why he robbed banks, infamous bank robber Willie Sutton answered, ‘because that’s where the money is’. This same sentiment applies to the insurance sector and why it’s a target for cybercriminals–because that’s where the data is,” Wheatman said. “Cybercrime is a very lucrative business. It’s being taken over by professional criminals that have more money to invest. AI has made attackers more effective, and the ability of law enforcement to go after cybercriminals, while better than it used to be, still leaves much to be desired.”
SEE: Google Chrome: Security and UI tips you need to know (TechRepublic Premium)
Per the report, 100% of insurance underwriters surveyed indicated that ransomware and supply chain attacks were among their top-three biggest concerns from a threat standpoint. Although cyber insurance against hacks are available, it can be extremely pricey if a company is affected. While this may help protect businesses against downtimes and cover lost profits, the premiums can skyrocket as numerous claims begin to be filed. The amount lost in damages is beginning to exceed the estimates for insurance policies, putting companies in a tough position when it comes to risk assessment.
To make matters even worse, the report found that insurance companies are also vulnerable to phishing attacks. Of the companies analyzed, 82% of insurance companies are susceptible to this type of attack, signaling a need for the industry as a whole to reevaluate its security policies and procedures.
Ways insurance companies can shore up cybersecurity
Black Kite offers two main tips for companies in the insurance sector to help avoid cyberattacks:
- Review your risk portfolio on a continuous basis
- Bring automation into the underwriting process
By conducting constant evaluations in risk assessment, organizations can diagnose where potential vulnerabilities may lie in their systems. A lapse in these processes can be costly, so it is recommended that those working in cybersecurity for insurance companies and constantly updating policies to avoid falling victim to the next big attack. Cyber risk assessments also can offer features such as real-time attack surface monitoring, allowing for businesses to always be on-guard and ready for potential ransomware and phishing attacks.
“Organizations that have more risk exposure and less effective risk management programs are more likely to fall victim to cybercriminals who prefer the ‘let’s throw something against the wall and see what sticks’ attack attempts,” Wheatman said. “For organizations that rely on insurers directly or indirectly, it is crucial to understand in real-time where the third-party exposures are and communicate the business impact before it becomes a problem.”
The automation of the underwriting process can also assist those in insurance when it comes to protecting sensitive data through use of cyber risk ratings platforms. These platforms can take the onus off of the company to avoid attack through externally-facing data from open-source intelligence resources. The automated processes then filter out the results through use of dashboards and reports, allowing organizations to make effective cybersecurity decisions as needed.
