A ransomware attack can be devastating to a business. An increasingly common threat, ransomware attacks account for 24% of all cyber crimes, according to Verizon. In 2023, total ransomware payments from victims topped $1 billion for the first time in history, according to blockchain data platform Chainalysis. Because of the very real threat that ransomware poses, it is important for businesses to understand what insurance coverage they have in place for ransomware attacks.
What Is Ransomware?
Ransomware is a type of malicious software, or malware, that either encrypts your data, making it unusable, or locks you out of your computer system. It is called “ransomware” because the perpetrators follow up the attack by demanding a ransom payment to restore use of your data or system access. In some cases, the criminals will threaten to sell or publicly disclose your confidential data if you fail to pay the ransom.
Ransomware attacks can be pulled off in several ways. A common method is phishing emails, which closely resemble legitimate communications from a reputable organization or a person known to the recipient. Phishing emails contain a malicious link or attachment; clicking the link or opening the attachment allows ransomware to be installed on your device, where it can start encrypting files. Ransomware can also be downloaded from websites or ads, or it may enter your system through compromised software. Cyber criminals can also insert ransomware into your system by exploiting vulnerabilities in your network.
Does Cyber Insurance Cover Ransomware?
Every cyber insurance policy is different, and it’s important to examine your policy closely to understand your ransomware coverage. Check the deductibles, the policy limit, and whether there are sub-limits for specific kinds of losses, such as extortion payments. Your policy may broadly cover financial losses from a ransomware event, including an extortion payment (if you choose to pay it) as well as the costs associated with forensic investigations, recovering your data, repairing your system, and business interruption losses due to your system being down. Policies often cover legal expenses and the cost of repairing reputational damage as well.
Because of the high costs associated with ransomware attacks, insurance companies are increasingly demanding that insureds implement stringent security measures. Cyber insurance applications contain more detailed questions than ever before, with higher thresholds for acceptable responses. The security measures that you have in place are increasingly likely to influence the cost and quality of coverage that you qualify for.
Exclusions
Like all insurance policies, cyber risk insurance has exclusions, and it’s important to understand which risks your policy does not cover. Policies often do not cover the cost to correct deficiencies and fortify your system against future attacks. Policies also typically exclude ransomware attacks associated with war or terrorism.
If you are involved in a dispute with your cyber insurance provider or other business insurance company, contact Schwartz, Conroy and Hack, PC for assistance. We have the expertise and tenacity to make insurance companies keep the promises they make to you and your business.