According to the “ENISA Threat Landscape 2021” the average ransom amount doubled between April 2020 and July 2021. Whereas also small amounts of ransom are still popular with threat actors some of them also seek for publicity and the so called “Big Game Hunting”. The effects of the latter can be really devastating as the example of Colonial Pipeline showed: In the beginning of May 2021, the US-Pipeline operator fell victim of a double extortion attack. The attack led to the shutdown of pipelines that provide around 45% of the fuel delivered to the US East Coast causing a severe shortage of fuel supply. Only a couple of days later a similar scenario happened to JBS – the world's largest producer of beef, chicken, and pork. The refining of methodology and technology, along with the anonymity of the digitized world, and sources such as difficult-to-track cryptocurrency might further fuel severity and frequency of ransomware.

Could this also affect your Christmas season? Of course. Private photos of you and your family, could be encrypted and Christmas presents might not be delivered in time when manufacturing, logistics or the affiliated supply chains are disrupted. The worst case scenario again would be if critical infrastructure was hit, leaving families in front of dark Christmas trees, hospitals struggling to treat patients and preventing people from making trips to see their loved ones.

Munich Re is observing, that very often resilience and barriers to enter a system are too low. This might serve as a real Christmas gift to cybercriminals. The wish list of cybercriminals might not be too long but very effective in order to grow ransomware business. This is what a ransomware criminal's wish list might look like:

• No updated systems. To a hacker, no patch is a good match!
• No trained staff that´s prepared for things like phishing!
• No proper backups that could help to recover!
• No access management that might open the door to everyone!
• No cybersecurity control framework!
• No insurance coverage and affiliated services to respond and recover!

Don’t make their dreams come true! Don’t let ransomware spoil your festive season.

There is no sign that ransomware attacks will disappear. Consequently it is no surprise that demand for Cyber insurance will be continuing to grow. Ransomware is a typical coverage element in cyber insurance products. There is a clear demand for covering the direct financial consequences of ransomware attacks, such as financial losses resulting from business interruption, ransom payments and the cost for incident response measures like the restauration of data and systems. The standard policy goes beyond the financial losses, and enables the insured to make use of necessary services and consulting to assist in case an attack occurs. This supports increased preparedness and resilience.

Together with our clients, we’re creating cyber solutions that go far beyond traditional risk transfer.

Have yourself a merry little cyber insurance!