It Is Wrong To Penalize Companies That Pay Ransoms – What Expert Says

By ISBuzz Team
Writer, Information Security Buzz | Jan 28, 2021 02:10 am PST

As you may have seen, the debate about whether or not companies should pay ransoms to cyber criminals has taken a new turn after it was suggested insurers were “funding organised crime” by accepting ransomware claims.

Ciaran Martin, who ran the National Cyber Security Centre until last August, stated, “I see this as so avoidable. At the moment, companies have incentives to pay ransoms to make sure this all goes away. You have to look seriously about changing the law on insurance and banning these payments, or at the very least, having a major consultation with the industry”.

The Association of British Insurers (ABI) has defended the inclusion of ransomware payments in first-party cyber-insurance policies.

Neil Stobart, VP of Global System Engineering
January 28, 2021 10:11 am

It is wrong to penalize companies that pay ransoms. This is doubly penalizing an organisation that is already dealing with the disruption of an attack, and it likely penalizes their customers as well. Sometimes this is the only option. Take a healthcare institution, for example. When attacked, their priority is to get back in operation helping patients. Paying a ransom, while distasteful, may be the fastest way to recover, thus saving lives. They shouldn’t face a double punishment for this.

However, the concern about ransom payments is understandable if companies aren’t taking the correct steps to protect themselves. Ransomware could be considered similar to a home burglary. One of the pre-conditions of home insurance is that you must have certified door and window locks fitted and used to be covered, and we are increasingly seeing stronger protection requirements when it comes to cyber insurance, too.

Insurers are looking for the correct technologies to be in place to not only prevent attacks but also recover from them without needing to pay ransoms. One of these technologies is WORM (Write Once, Read Many). This technology locks data on a storage device so that it cannot be changed or deleted within a defined time period. This allows companies to recover a clean copy of data in the event of an attack and avoid paying a ransom. If data can be quickly recovered without ransom payment, it will make life harder for cyber criminals.
