Insurers defend ransomware payouts
The Association of British Insurers suggests firms will struggle without the cover


The Association of British Insurers (ABI) has hit back at criticism of companies that payout fees for ransomware attacks.
The ABI defended its inclusion in first-party cyber insurance policies, according to the BBC, suggesting many companies could face financial ruin without the cover.
On Monday, the former head of the National Cyber Security Centre, Ciaran Martin said that the practice of paying out for ransomware attacks was "close to getting out of control". He also called for a change in the law on insurance, banning payments outright.
In response, a spokesman for the ABI told the BBC that insurers require that "reasonable precautions" are taken to prevent attacks in the first place, similar to other types of cover, such as home or travel insurance.
"Some might argue that any insurance that covers against a criminal act could lull the policyholder into a false sense of security," he said.
However, Martin was backed by others within the cyber security industry. Eset security specialist, Jake Moore told IT Pro that the practice was "propping up the system" and funding future ransomware attacks. In 2020, an AT&T study found that 40% of IT security professionals believed ransomware payments should be made illegal.
25/1/2021: Ransomware payouts are "propping up the system"
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
There is no chance of stopping ransomware attacks if insurance companies continue to keep fronting the bill, security experts have warned.
Paying hackers to get back online and to unlock files sends out the wrong message and inadvertently "props" up the system, according to Eset security specialist Jake Moore.
His comments echo those of Ciaran Martin, former head of the National Cyber Security Centre, who told The Guardian that he feared the situation was "close to getting out of control". He also called for a change in the law on insurance, banning payments outright.
Ransomware cases have increased over the last couple of years, with a spate of attacks in the UK and US as hackers took advantage of the COVID pandemic. Moore sympathised with organisations as they can often be "stuck between a rock and a hard place", left to choose between a payment to get back online or lose everything.
RELATED RESOURCE
Ransomware resiliency: The risks associated with an attack and the reward of recovery planning
An overview of the history of ransomware, its potential impact, and best practices to protect IT systems
"The cyclical ransomware business model needs to be put to a stop but there isn't a chance when insurers are propping up the system," Moore told IT Pro. "For years, insurers have offered to reimburse ransomware attack victims and even offer support in how to pay if they require help but this just sends the completely wrong message out and funds the next cyber crime wave of activity.
"If the correct legislation could be drafted, we could see a decrease in this fateful attack vector."
Along with a legal fix, Moore firmly believes that further education into preventative measure is key. Correct backups and other proactive techniques could put a stop to it and part of the problem with payouts is it doesn't guarantee that businesses systems will come back online. What's more, payment demands usually increase over time.
In June, cloud service Blackbaud suffered a ransomware attack that resulted in a data breach. The firm told its partners it had paid the ransom on the behest the stolen data would be deleted.
Bobby Hellard is ITPro's Reviews Editor and has worked on CloudPro and ChannelPro since 2018. In his time at ITPro, Bobby has covered stories for all the major technology companies, such as Apple, Microsoft, Amazon and Facebook, and regularly attends industry-leading events such as AWS Re:Invent and Google Cloud Next.
Bobby mainly covers hardware reviews, but you will also recognize him as the face of many of our video reviews of laptops and smartphones.
-
Prolific ransomware operator added to Europe’s Most Wanted list as US dangles $10 million reward
News The US Department of Justice is offering a reward of up to $10 million for information leading to the arrest of Volodymyr Viktorovych Tymoshchuk, an alleged ransomware criminal.
-
Jaguar Land Rover “did the right thing” shutting down systems to thwart cyber attack
News The attack on Jaguar Land Rover highlights the growing attractiveness of the automotive sector
-
Ransomware attack on IT supplier disrupts hundreds of Swedish municipalities
News The attack on IT systems supplier Miljödata has impacted public sector services across the country
-
A notorious hacker group is ramping up cloud-based ransomware attacks
News The Storm-0501 threat group is refining its tactics, according to Microsoft, shifting away from traditional endpoint-based attacks and toward cloud-based ransomware.
-
Security researchers have just identified what could be the first ‘AI-powered’ ransomware strain – and it uses OpenAI’s gpt-oss-20b model
News Using OpenAI's gpt-oss:20b model, ‘PromptLock’ generates malicious Lua scripts via the Ollama API.
-
Data I/O shuts down systems in wake of ransomware attack
News Regulatory filings by Data I/O suggest the costs of dealing with the attack could be significant
-
Average ransom payment doubles in a single quarter
News Targeted social engineering and data exfiltration have become the biggest tactics as three major ransomware groups dominate
-
BlackSuit ransomware gang taken down in latest law enforcement sting – but members have already formed a new group
News The notorious gang has seen its servers taken down and bitcoin seized, but may have morphed into a new group called Chaos