Cyber Extortion and Role of Cyber Insurance Policy

What is Cyber Extortion?

Cyber Extortion is a type of Cyberattack where Cybercriminals hack into the system and encrypt sensitive data and hold it hostage until a ransom is paid to decrypt the data. In a Cyberextortion Attack, Cybercriminals hack into a company’s systems, encrypt sensitive data or disable the company’s systems or websites and hold it hostage until a ransom is paid to decrypt the data or restore the company’s systems or websites.

What are the common methods of Cyber Extortion?

Cyberattacks pose a significant threat to businesses, exploiting vulnerabilities in their digital infrastructure and compromising sensitive information. There are 2 primary methods of Cyberattacks used to conduct Cyber Extortion: Ransomware Attack and Distributed Denial of Services (DDoS) Attack:

1. Ransomware Attacks: Ransomware is a form of malware which encrypts a company’s sensitive data, files and servers and rendering the data inaccessible to the Company. The hackers demand a ransom to provide the encryption key which can decrypt the data so that the Company may again access it. Ransomware got worldwide Notoriety in May 2017 when Wannacry Ransomware infected computers worldwide running Microsoft Windows Operating System and encrypted data and demanded ransom payment in Cryptocurrency.
2. Distributed Denial of Service (DDoS) Attacks: In a Distributed Denial of Service Attack, cyber criminals overwhelm a company’s network with a flood of traffic, which is beyond the company’s capacity to manage causing a system crash. This can result in significant downtime of the company’s system leading to financial losses.

Ransomware and DDoS attacks are amongst the most damaging types of Cyberattacks faced by an organisation.

Examples of Cyber Extortion

On 23^rd November, 2022, AIIMS, India’s leading medical Institute was a victim of Ransomware attack which led to a shutdown of their systems and all processes had to go manual. It took 2 weeks for the infected systems to come online back again. The attackers had encrypted the data and allegedly demanded Rs200 Crores in Ransom. Within a couple of weeks, Safdarjung Hospital was a victim of another Cyberattack.

These incidents clearly illustrate that Cyber Extortion is on the rise and business should proactively take steps to secure themselves against the rising threat of Ransomware.

How does Cyber Extortion hurt your Business?

A Cyber Extortion incident can have a devastating impact on business and can cause significant financial losses.

The immediate impact will be in the form of damage to reputation, loss of clients and customers. Consider a case where a Website is a victim of a Cyber Extortion incident which results in the shutdown of website. Customers will immediately move to website of competitors leading to loss of revenue and profit of the impacted company.

If Cybercriminals make the sensitive data of the website customers public, these customers are also likely to sue the company for damages, entailing substantial legal expenses and damages. Breach of customer data erodes trust and damages the reputation a business has worked hard to build. Customers may lose confidence in the company’s ability to protect their information, leading to a decline in sales and customer loyalty.

In such cases, a Cyber Liability Insurance Policy can help by paying for Data Restoration Costs as well as by providing coverage for Ransom Payments.

How to protect your Business from Cyber Extortion?

Cybercriminals are on the constant lookout for vulnerabilities in the system and they keep coming up with new ways to take advantage. Companies need to take a proactive approach and it must have a strong focus on implementing strong cybersecurity measures to safeguard the business from Cyber Extortion.

Here are some practical tips to consider in order to protect your business from Cyber Extortion:

1. Implement Robust Security Measures: Invest in robust cybersecurity measures such as firewalls, antivirus software, and encryption tools to protect your systems and data from unauthorized access.
2. Regularly Update and Patch Software: Keep all software and applications up to date with the latest security patches and updates to minimize vulnerabilities.
3. Employee Training and Awareness: Train employees on best practices for cybersecurity, including how to identify and report suspicious emails or activities so that they can identify phishing attempts and avoid clicking on malicious links.
4. Use Strong Passwords and Multi-Factor Authentication: Encourage employees to use strong passwords and enable multi-factor authentication for all accounts to add an extra layer of security.
5. Regular Data Backups: Regularly back up your data to secure locations, both offline and in the cloud, to ensure you can recover quickly in the event of a Ransomware Attack or Data Loss.
6. Incident Response Plan: Develop an incident response plan that outlines the steps to be taken in the event of a Cyberattack. This will help minimize damage and ensure a swift and coordinated response.

Should you pay the Ransom amount in case of a Cyberattack?

There are many issues to consider before deciding to pay the ransom. Following issues should be considered when deciding whether to pay a ransom or not:

1. Type of Data that has been compromised: The type of data that has been compromised is one of the most important factor to consider when deciding whether to pay the ransom or not. For example, If a medical institution such as a hospital is unable to access the medical records of its patients because of a ransomware attack, it might put many lives at risk or in another case if personally identifiable information was compromised, the inability to recover that data might lead to a significant interruption of business. In such cases, the company might need to pay the ransom.
2. Loss of Profits during downtime: Another important factor to consider is loss of profits until the time the business is able to restart its operations. Businesses need to consider the cost of data recovery without paying the ransom against the ransom demanded by Cybercriminals. Companies also need to consider other factors such as criticality of the data which has been encrypted by ransomware, availability of backup data, reputational damage, costs required to restore the data from scratch, customers finding an alternate supplier till the time the business operations are down etc.
3. Regulatory Impact: Another factor that needs to be considered when deciding whether to pay the ransom or not. Simply paying the ransom might result in the Insured Party violating regulations with respect to ransom payments and incurring significant penalties in the process. This is one more significant factor to consider when making ransom payments.

How does a Cyber Liability Insurance Policy protect against Cyber Extortion?

Companies should plan in advance and have a comprehensive Cyber Liability Insurance Policy in place which protects them against Ransomware. The Insured should be well aware of the Cyber Insurance Coverage as well as the exclusions in a Cyber Insurance Policy so that the company has a plan in place in case its systems are hit by Ransomware.

When a Company’s systems are hit by ransomware, it will initially incur costs such as Forensic Costs, Legal Costs, Notification Costs, Business Interruption Costs (Lost Profits) and maybe even a Ransom Payment.

Apart from the actual ransom payment, all the other costs will have to be incurred whether the data is restored or not and all these costs, including the Ransom Payment are covered by the Cyber Insurance Provider.

A Cyber Liability Insurance Policy typically provides coverage for the following with respect to a Ransomware Attack:

1. Forensic Costs: A Cyber Insurance Policy will pay the cost of Forensic Experts who will determine the loophole which was exploited to plant the Ransomware in the company’s network. Forensic Experts determine the Existence, Cause and Origin of the Cyberattack (Ransomware) and they also determine the extent to which Protect Data has been compromised or damaged.
2. Notification Costs: A Cyber Liability Insurance Policy also covers the costs of notifying the affected customers whose data was compromised and providing credit monitoring services to detect any suspicious activity or unauthorised charges.
3. Legal Expenses: A Cyber Insurance Policy covers Legal Fees and Expenses incurred in Investigation, Defence or Settlement of any Claim made against the Insured Company.
4. E-Business Interruption: Business Interruption Coverage in Cyber Liability Insurance Policy provides coverage for Loss of Profits faced by the Company caused by a Cyberattack.
5. Public Relations and Crisis Management: Cyber Insurance Policy Coverage includes cover for expenses for public relations efforts to minimize the impact of a cyberattack on a company’s brand reputation.
6. Extortion and Ransom Payments: A Cyber Liability Insurance Policy includes coverage for Cyber Extortion Incidents where a ransom payment is demanded. A comprehensive Cyber Insurance Policy covers the costs associated with negotiating and paying the ransom.

Final Take

A Cyber Liability Insurance Policy is crucial for businesses to safeguard themselves from the ever-growing threat of Cyber Extortion and other forms of Cyberattacks. A Cyber Risk Insurance Policy will pay for the expenses incurred in the aftermath of a Cyberattack as well as the losses suffered by third parties because of a Cyber Attack on your system.

A business must invest in Cyber Liability Insurance Policy Coverage to protect themselves against a variety of Cyber Risks. Moreover the Cost of a Cyber Liability Insurance Policy in India is also reasonable which makes it a no-brainer decision for companies.

If you wish to purchase a Cyber Liability Insurance Policy, Qian is an experienced insurance broker for Cyber Insurance. You can email us at insurance@qian.co.in. We would be glad to assist you.