IoT devices including connected cars, medical devices, and manufacturing equipment make perfect targets for ransomware attacks, according to the Institute for Critical Infrastructure Technology, a cybersecurity think tank.
Ransomware is malware that encrypts a targets files or systems so the owners can’t access them. The owners can only regain that access by paying a ransom to the hackers to decrypt the files or systems.
Ransomware attacks have grown increasingly popular among cyber criminals looking to make money: Symantec found that ransomware attacks increased 35% from 2014 to 2015 in its recent Internet Security Threat Report.
Most ransomware attacks target PCs, but IoT devices could offer much more lucrative targets for cyber criminals conducting ransomware attacks. For instance, the report warned about the possibility of hackers infecting connected pacemakers and insulin devices with ransomware and then draining the batteries on those devices. Patients whose lives depend on such devices would pay a significant ransom in such cases.
Hackers could also infect connected cars with ransomware so that the car won’t turn on until the owner pays a ransom. Hackers are already expanding their ransomware attacks to hit mobile devices and hospital networks, so it likely won’t be long until we see ransomware attacks targeting specific types of IoT devices.
Given this research, it’s no surprise that companies are more worried than ever about the looming threat of hackers penetrating their networks. In the last year, the number of records exposed in data breaches rose 97%, according to the Identity Theft Resource Center.
The frequency and sophistication of cyber attacks are at an all-time high, and the costs associated with data breaches continue to rise. While companies are investing more in cybersecurity to ward off attacks, they know they won’t be able to spend their way to absolute security. A cybersecurity team of more than 1,000 staffers with a budget of $250 million wasn’t enough to save JPMorgan Chase from getting hacked in 2014. As a result, companies are turning to cyber insurance to help mitigate the costs of a potential breach.
However, insurers have been slow to extend cyber insurance to many businesses, as they have yet to develop proven tools to help them assess the risks and costs associated with cyber attacks. Cyber insurance policies also often have high premiums and low coverage limits to help protect insurers from incurring too much exposure to a cyber attack.
Jonathan Camhi, research analyst for BI Intelligence, Business Insider’s premium research service, has compiled a detailed report on cyber insurance that examines the growth of this market and identifies the key factors driving that growth. It also identifies the commercial sectors that are underserved in the cyber insurance market, which present a unique opportunity to insurers. Finally, it explains how insurers can find creative ways to cover these underserved markets while still limiting their overall exposure.
Here are some key takeaways from the report:
- Cyber insurance plans cover a variety of costs related to cyber attacks, including revenue lost from downtime, notifying customers impacted by a data breach, and providing identity theft protection for such customers.
- Annual cyber insurance premiums will more than double over the next four years, growing from to ~$8 billion in 2020.
- However, many insurance companies have been hesitant to offer cyber insurance because of the high frequency of cyber attacks and their steep costs. For example, Target’s notorious data breach cost the company more than $260 million.
- Insurers also don’t have enough historical data about cyber attacks to help them fully understand their risks and exposures.
- There are large underserved markets with very low cyber insurance adoption rates such as the manufacturing sector, where less than 5% of businesses have cyber insurance coverage.
In full, the report:
- Projects the growing demand and premiums for cyber insurance in comparison to other common forms of commercial insurance.
- Illustrates how cyber attacks are growing more sophisticated and more costly, which is driving more companies to consider cyber insurance.
- Explains the obstacles that insurers face in extending cyber insurance coverage to different types of businesses.
- Provides insights on how insurers can overcome these challenges to grow their cyber insurance business without incurring too much risk.
To get your copy of this invaluable guide to cyber insurance, choose one of these options:
- Purchase an ALL-ACCESS Membership that entitles you to immediate access to not only this report, but also dozens of other research reports, subscriptions to all 5 of the BI Intelligence daily newsletters, and much more. >> START A MEMBERSHIP
- Purchase the report and download it immediately from our research store. >> BUY THE REPORT
The choice is yours. But however you decide to acquire this report, you’ve given yourself a powerful advantage in your understanding of cybersecurity.
Source: Business Insider