It's no secret that ransomware and cyber extortion attacks have been on the rise, and have seen higher ransom payment demands, since the beginning of the pandemic. According to the 2021 Verizon Data Breach Investigations Report: "The major change this year with regard to action types was Ransomware coming out like a champ and grabbing third place in breaches (appearing in 10% of them, more than doubling its frequency from last year)." Similarly, insurance carrier Hiscox reported in its Cyber Readiness Report 2022 that "[m]ore firms were hit by ransomware – 19% compared with 16% the previous year."
That leads to an important question for any enterprise: Would your organization's insurance policies cover the losses from ransomware or cyber extortion?
What Are Ransomware and Cyber Extortion?
Ransomware is a form of malicious software used by hackers to gain access to your company's computer systems or files and block user access to the systems or files. Cybercriminals hold the data hostage until they receive a pre-identified ransom payment in exchange for the encryption key. A cryptocurrency such as bitcoin is typically demanded by the attacker as payment.
Early ransomware attacks demanded a ransom to unlock the data or a device. Hackers currently, however, often initiate "double extortion" attacks that demand a ransom to both unlock data and prevent the publication of the data.