Cyber Security Cooperative Research Centre (CCRC) CEO Rachael Falk and Director of Corporate Affairs and Policy Anne-Louise Brown argue against ransomware payments. According to the report, cyber insurance should not include cyber crimes in its coverage. The ransoms serve as a motivation to establish more complex cybercrime enterprises. They further explained that ransom payments give victim organizations a short-term reprieve but carry long-term implications.
How ransomware criminals operate
They first identify organizations with insurance certificates. Then a vulnerability test is conducted on their systems to identify weak points in the security protocol. They prefer organizations with a lot to lose during a possible attack. The most preferred targets are those likely to lose large amounts of money, have confidential data exposed, or have their credibility at stake.
Reasons to prohibit ransomware insurance
- The funds are re-invested in the growth and establishment of more organized cybercrime syndicates. The criminals gain more power to conduct more attacks. According to the CCRC report, “cyber insurance is not a sustainable organizational cyber security strategy.” They further argued that making the payments is a motivation and a way of legitimizing illegal criminal activities.
- Persistent ransomware attacks: the hefty ransom payments attract new cybercriminals. In an interview, a cybercrime gang member explained that they target the insurers first to get their customers’ databases. Then they identify and plan a targeted attack from there. “Hack the insurers first to get their customer base and work in a targeted way from there. And after you go through the list, hit the insurer themselves.”
- The government should intervene to prohibit insurers from offering cyber insurance policies. Organizations should instead be encouraged to seek the intervention of cyber security recovery and response professionals.
- The Australian Prudential Authority (APRA) should demand from insurance firms the details of their coverage policies. It should also provide guidelines on the regulation of cyber insurance firms.
- Insurance firms should provide coverage policies favorable to small and medium enterprises (SMEs) to ensure that such firms are not devastated in case of an attack. Many insurance policies are not affordable to small firms, which therefore face an imminent threat from cyber-attacks.
- The insurers should cooperate with technology-related stakeholders to develop affordable bundles and packages for large and small players.
In a nutshell, paying ransoms on cyber-attacks is a bad idea that only escalates the problem in the long run. Progressive policies should ensure organizational rebound in case of an attack.