This Week in Ransomware – Friday, April 29, 2022

Companies are looking to cybersecurity insurance to mitigate ransomware losses, but cyber insurance may not be a panacea. Insurers may refuse a claim if companies don’t take steps to ensure that that they have adequate defences in place.

Cyber Insurance often falls short – Telus Report

Forty per cent of Canadian companies indicated that they have cybersecurity insurance that covers a ransomware attack, according a recent Telus study. The study further reports that organizations that have experienced attacks in the past 12 months are more likely to have cyber insurance.

Yet the study also found that cyber insurance does not always pay out. It notes that eight per cent of companies did not receive any payout at all, and that nine per cent were still waiting for their payment. Further, although 79 per cent of companies that filed a claim received a payout, coverage for 28 per cent of these companies was dropped.

Sourced from the study which can be downloaded from www.telus.com/RansomwareStudy. (Registration required)

Fewer insurers offering cyber coverage and coverage is harder to get

Cybersecurity coverage may also be harder to get for many companies, according to a report featured in IT World Canada this week. Most, if not all companies who provide cybersecurity insurance are experiencing losses. Canadian Underwriter reported that in the first eight months of 2021, companies took in $96 million in premiums, but received claims for $106 million. Inevitably, losses like this would result in higher premiums, more scrutiny on claims and in some cases, refusals to insure companies that were perceived to be at high risk.

Almost half of the respondents in a study cited in the IT World Canada article said cyber insurance policies are now more complex than they were in the past, 37 per cent noted that it was taking longer to get coverage, and for those who can get it, it’s more expensive.

The positive news was that the increased scrutiny by insurers may be forcing companies to take cyber security more seriously. Ninety-seven per cent of respondents said that they made improvements to their cyber defences to improve their cyber insurance position.

The bad news is that it remains harder to find insurers offering cyber coverage. Forty per cent of respondents said fewer companies are offering cyber insurance.

Sourced from an article in ITWorldCanada

Are companies making it too easy for ransomware attackers?

Despite the increase in ransomware attacks and the known costs, a report this week noted that vulnerabilities dating back as far as 2018 are still being exploited by threat actors. The report is from cyber intelligence agencies in Canada and its Five Eyes allies.

The report lists the top 15 vulnerabilities used to gain access to IT systems in organizations that had not patched their software.

Of those 15, one dates back to 2018 (CVE-2018-13379), a path traversal vulnerability that affects security appliances running Fortinet’s FortiOS and FortiProxy; one dates back to 2019 (CVE-2019-11510), a vulnerability that allows arbitrary file reading in Pulse Secure’s Pulse Connect Secure VPN; and two date back to 2020 (one is the Zero Logon vulnerability for Windows, while the other is for Microsoft Exchange).

Many of the remaining vulnerabilities that the report identifies have been known for months. Further, the report states, “their continued exploitation indicates that many organizations fail to patch software in a timely manner and remain vulnerable to malicious cyber actors.”

Patching software is only one of the basic steps to make it tougher for ransomware attackers to gain access. The Telus study quoted earlier has a complete list of ransomware defences that should be in place. Failure to execute on these basic steps may make it difficult to obtain cyber security insurance and could invalidate existing coverage. Companies should read their policies carefully to ensure that they are taking all of the steps necessary to ensure their coverage remains in force.

Sourced from article in IT World Canada