How will your Business Respond to a Cyber Attack Ransom Demand? Answer: Cyber Extortion Insurance by Christine Marcianno

With DDoS attacks surging and no signs of slowing down, all organizations should be concerned with these types of attacks, and should prepare a mitigation plan before such an attack strikes them.  Ransom demands are becoming more common with DDoS attacks.  Today’s DDoS attacks are highly coordinated by cyber criminals who select their targets by first reaching out to their targeted organization, demanding a ransom and if the organization does not pay up according to the demand, a DDoS attack follows.  Reacting to a published ransom demand – should be planned and rehearsed, so an organization can quickly state its message and the facts to all concerned.

According to this ComplianceWeek article, hackers seeking ransom “are simply extortion in the Internet age… the modern-day equivalent of a thug blocking entry into a store, and telling the store owner, ‘this is a nice store. If you want your customers to come in and look around, you need to pay me.’”

In a recent blog article, I explained how “Cyber Insurance can serve as an Ideal DDoS Attack Response Plan”.   Cyber insurance, depending on the policy selected, offers cyber extortion coverage, aka ransom coverage.   Cyber extortion coverage can be added on to a cyber insurance policy.

Cyber Extortion Insurance pays to settle network security related extortion, ransom payments and other expenses incurred resulting directly from threats to send a virus to a computer system; disseminate the insured’s proprietary information; inflict ransomware or other types of viruses to destroy, corrupt, or prevent normal access to the computer system; or publish clients’ personal information.

The way cyber extortion coverage insurance works is, an insured organization must first pay a retention (aka “deductible”) before a claim (“ransom demand”) is paid out.

Basically, in real time this means that if your organization is facing a cyber ransom demand, based upon the ransom amount and specifics, the ransom demand may be less than your cyber insurance “retention” (which means $0 coverage) or coverage might be accessed if the ransom amount is higher than your cyber insurance “retention”.  For example, a cyber criminal has demanded a $25,000 ransom amount from the ABC organization in order to negate a DDoS attack.  ABC organization has a cyber insurance policy that includes cyber extortion insurance coverage, with a $10,000 “retention”.  ABC would be responsible for the first $10,000, paid to the insurer if the ransom demand and specifics warrant coverage and the cyber insurance policy would cover the remaining $10,000.

DDoS attacks are here to stay, are you prepared?  If not, now is the time to explore how cyber insurance can help your organization implement a DDoS attack response plan.  Request a cyber insurance quote today.

Recent DDoS Attacks, Cyber Ransom Demands and Amounts:

• Domino’s – Domino’s France and Belgium Attacked by cyber criminals, private customer information held for $40,000 ransom.
• Evernote.com – Ransom amount – unknown
• Feedly.com – Feedly’s CEO reported,  “Criminals are attacking Feedly with a distributed denial of service attack. The attacker is trying to extort us money to make it stop. We refused to give in and are working with our network providers to mitigate the attack as best as we can.” Ransom amount – unknown.
• Realtor.com – Ransom amount – unknown
• Ancestry.com – Ransom amount – unknown.
• Moz.com – Ransom amount –$2,000.
• CodeSpaces.com – DDoS Attack Put Code Spaces Out of Business.  According to this PC Magazine article, CodeSpaces.com closed its doors, following a security breach that began with a distributed denial-of-service (DDoS) attack, and ended 12 hours later after an attempt to extort money from the company.  Here’s Code Space’s letter to its customers addressing this occurrence: read letter. Ransom amount – unknown.

The informative articles below offer a wealth of information that can help you and your business understand this growing threat, how to be prepared and what to do if you’re a ransom demand target:

• Cyber Insurance can serve as an Ideal DDoS Attack Response Plan – Learn how cyber insurance can help your organization be prepared in the event of a DDoS attack or ransom demand: https://databreachinsurancequote.com/cyber-insurance/cyber-insurance-can-serve-as-an-ideal-ddos-attack-response-plan/
• Prepare yourself for high-stakes cyber ransom — Prepare for the worst now! Ransom incidents will increase significantly in the next decade.  Your organization’s management needs to know how to think about this new threat, as this article explains:https://www.infoworld.com/d/security/prepare-yourself-high-stakes-cyber-ransom-245320
• To Pay or Not to Pay – That’s the Ransomware Question – Security experts typically advise against paying a ransom demand as there is no guarantee paying the ransom will actually result in the bad guys holding up their end of the bargain and giving you back your data as this article reports: https://www.technewsworld.com/story/80640.html
• 6 Recent Real-Life Cyber Extortion Scams – A recap and the outcome of 6 recent ransom demands:https://www.darkreading.com/attacks-breaches/6-recent-real-life-cyber-extortion-scams/d/d-id/1278774
• Protecting Your Business from Ransomware – This article states why anti-virus protection does not protect against ransomware and offers several ways businesses can protect themselves against ransomware:https://www.businessnewsdaily.com/6657-ransomware-cryptolocker-protection.html
• Five steps towards cyber breach preparation –  So what is the new normal for companies wanting to prepare for a cyber breach? What steps should organizations be seeking to put into place in order to have the best possible response to a breach incident? This article offers five steps to help your organization get prepared for a cyber attack: https://www.net-security.org/article.php?id=2052

Today its best to be prepared ahead of time, as DDoS attacks are becoming fiercer and much more frequent, and in some unfortunate cases as we saw with Code Spaces, such attacks have the potential to force an organization out of business.   Get prepared and be prepared so that your organization has a plan in place to respond in order to ensure its continuation.   Cyber insurance could be the key to your organization’s DDoS attack or cyber ransom survival.

Source: https://databreachinsurancequote.com/cyber-insurance/how-will-your-business-respond-to-a-cyber-attack-ransom-demand-answer-cyber-extortion-insurance/