Ransomware Is a Threat to All SMBsApril 22, 2019
By: Robert Sargent, Tennant Risk Services
Ransomware has become the most common form of cyber attack as it has morphed into a more effective, more targeted and significantly more destructive form of malware, and comprehensive Cyber Risk Insurance is an essential protection (see here, here). As we have noted previously (here, here), increasingly sophisticated attacks are targeting both large companies and SMBs, resulting in larger ransom demands and destruction of digital information.
Ransomware attacks have the capability to be more destructive to an organization’s operations than a breach of confidential information. Organizations depending on sophisticated systems and digital connections with trading partners are prime targets, even those with little or no personal, health or confidential information. Healthcare, financial, manufacturing and professional organizations cannot operate without their systems, so downtime is expensive. Criminals know this, and have targeted these sectors demanding larger ransom payments (see here).
For example, Norsk Hydro, a Norwegian aluminum and renewable energy company, was hit with a devastating ransomware attack early in 2019. The company’s operations were shut down, resulting in an estimated $40.0 million business interruption loss (see here, here, here). The company has Cyber Risk Insurance.
SMBs have the money to pay ransom demands, and criminals have targeted SMBs with lower levels of security and greater exposure to downtime, such as manufacturers, in order to drive even larger ransom payments. In 2018, 71% of ransomware attacks were against small business with an average ransom demand of $116,000 (see Beazley Briefing). Yet many SMBs forgo Cyber Risk Insurance (see here).
Cyber Risk Insurance is an essential coverage for protection from ransomware and other cyber attacks. Coverages vary widely, so a thorough review is essential to ensure that comprehensive coverage is in place. Ransom payments and business interruption losses are covered by comprehensive Cyber Risk Insurance policies, but the business interruption losses are typically much larger.
Tennant Risk Services, a division of Worldwide Facilities, is a specialty wholesale broker and underwriting manager, and delivers expertise, markets and exemplary services to our retail insurance agent clients in the placement of professional liability and specialty insurance (E&O, D&O, EPL, Cyber Risk, Specialty). We are experts in Cyber Risk Insurance and excel at hard to place accounts.