The number of companies affected by this type of attack has exploded over the past two years, and being insured does not guarantee compensation.
–
Like water damage or burglary, cyberattacks are among the hazards against which a company must be prepared. Among hackers’ favorite tools is ransomware, malicious software designed to hold sensitive data hostage. To hope to review his precious files, the scammers demand a sum of money from the victim.
This type of malware is like an epidemic in the IT landscape: 73% of French companies and institutions say they have been targeted by ransomware in 2021, compared to 43% in 2020, according to a report by Sophos.
Naturally, companies and organizations now anticipate this type of attack by subscribing to an insurance contract, however small entities are much more likely to lose everything during an attack, since only one company with less than 250 employees out of ten has this type of contract.
Now, being insured does not necessarily mean being reimbursed. Generally it is the costs of cleaning up the damage that are borne by the companies. As for the payment of the ransom, the subject is debated. 40% of affected businesses in 2021 said the insurer had repaid the ransom.
For a company, the payment of the ransom is often the easy choice: to avoid losing everything without having to replace the computer systems in the process. Insurers and the ANSSI (National Agency for the Security of Information Systems) discourage giving in to crooks so as not to encourage this practice. Some companies like Generali specified that they would never reimburse the sums advanced to pay the attackers.
“We are still waiting to be compensated”
A group, affected by ransomware, told us, on condition of anonymity, that they had still not received a single euro from their insurance, even though the latter had recommended that they not pay. The attack took place last November, after an ordinary employee was tricked into downloading a PDF file.
The company decided to turn off all the servers and called its insurer immediately. This group, with 75,000 employees, lost several hundred thousand euros, first with the cyberattack and then with the overhaul of the computer system. A few weeks later, the group begins to understand that compensation is not a guarantee.
« We have a lot of problems with the legal insurance teams. They constantly extend the deadlines, come back to see us each time for a new detail, sometimes on subjects that have nothing to do with the accident. We have the impression that they are playing the clock. However, ransomware attacks are included in the contract “, tells us the IT security manager of the company.
« It is a large insurance group and we are certain that we are not going to renew the contract. Nevertheless, we continue to pay monthly, because we do not want to break it, in the hope of being compensateds,” he tells us.
A bill to regulate the payment of ransom
Stories like these are common. Cybereason, a company specializing in cybersecurity technologies, tells us that many customers turn to them after ransomware. ” The attackers put pressure on the victim by offering an initial sum and threaten to increase the ransom price if the company does not pay immediately “, tells us Joël Mollo Managing Director France of Cybereason. ” As far as I remember, none of the victims obtained a full refund of the amount advanced.»
A draft article hinted at the possibility of a legal framework for ransom payment. Filed on March 16, the text wants to condition the reimbursement by the insurance to a complaint filed within 48 hours of the victim. ” This is not the best response to this practice. This bill will only encourage the criminal industry », Analyzes the IT security manager of the affected group.
In the United States, the opposite choice is made: several states have proposed to enshrine the prohibition of payment in law in order to stop the haemorrhage suffered by companies in the country. In 2021, the average amount paid by the victims was 500,000 euros on average.
––
–
–
–
