The answer : Having to pay it twice – (or even more).
Your Cyber-Security is under more pressure than ever.
According to Infosecurity magazine, “double” extortion ransomware victims are up a massive 935% – thats a ten-fold increase year-on-year.
This is driven by the organised crime (RAAS) ransomware-as-a-service providers stepping up their marketing to reach out to sell themselves to more prospective cyber-criminals.
Analysts reported to have discovered 229 new players in the market, with the total now standing at 262. The number of offers on underground sites to sell access to companies almost tripled, from 362 to 1,099.
How does it work to pay twice? Unfortunately there are a number of ways because you are relying on their decryption, and they now know that you are prepared to pay for your data. There is no reason for them not to hit you again if they can.
But, can you trust a criminal? By their nature, the answer has to be ‘no’!
will your cyber-insurance protect you?
Regular readers will know we are huge advocates for cyber-insurance. We recommend all our clients have cover, because even the best cyber-security can only reduce your risk – nothing can eliminate it.
Nevertheless, we are starting to see a trend where it is increasingly hard to get cover for ransomware. While insurance carriers will provide cover in general, they are starting to limit their exposure to ransomware specifically. Some of the conditions they are requiring are becoming more demanding before they will even offer protection.
We think that will ultimately be good, as ransomware becomes less profitable and therefore less enticing to criminals.
(meantime, please keep educating your colleagues – 4% of people clicked on our latest phishing email test – that is gold to a hacker)
However it does mean that all organisations need to be taking even more steps to protect themselves than they may have done in the past.