How will your Business Respond to a Cyber Attack Ransom Demand? Answer: Cyber Extortion Insurance by Christine Marcianno

04/07/2014 23:13


With DDoS attacks surging and showing no signs of slowing down, every organization should be concerned about these attacks and should prepare a mitigation plan before one strikes. Ransom demands are becoming more common with DDoS attacks. Today’s DDoS attacks are highly coordinated: cyber criminals first contact the organization they have targeted and demand a ransom, and if the organization does not pay as demanded, a DDoS attack follows. The reaction to a published ransom demand should be planned and rehearsed, so that an organization can quickly state its message and the facts to all concerned.


According to this ComplianceWeek article, hackers seeking ransom “are simply extortion in the Internet age… the modern-day equivalent of a thug blocking entry into a store, and telling the store owner, ‘this is a nice store. If you want your customers to come in and look around, you need to pay me.’”

In a recent blog article, I explained how “Cyber Insurance can serve as an Ideal DDoS Attack Response Plan”. Depending on the policy selected, cyber insurance offers cyber extortion coverage, also known as ransom coverage, which can be added on to a cyber insurance policy.


Cyber Extortion Insurance pays to settle network security related extortion, ransom payments and other expenses incurred resulting directly from threats to send a virus to a computer system; disseminate the insured’s proprietary information; inflict ransomware or other types of viruses to destroy, corrupt, or prevent normal access to the computer system; or publish clients’ personal information.

Cyber extortion coverage works like this: an insured organization must first pay a retention (aka “deductible”) before a claim (“ransom demand”) is paid out.


In practice, this means that if your organization is facing a cyber ransom demand, the outcome depends on the ransom amount and the specifics: the demand may be less than your cyber insurance “retention” (which means $0 coverage), or coverage might be accessed if the ransom amount is higher than your “retention”. For example, a cyber criminal has demanded a $25,000 ransom from the ABC organization in order to call off a DDoS attack. ABC has a cyber insurance policy that includes cyber extortion coverage, with a $10,000 “retention”. ABC would be responsible for the first $10,000, paid to the insurer if the ransom demand and specifics warrant coverage, and the cyber insurance policy would cover the remaining $10,000.

DDoS attacks are here to stay. Are you prepared? If not, now is the time to explore how cyber insurance can help your organization implement a DDoS attack response plan. Request a cyber insurance quote today.

Recent DDoS Attacks, Cyber Ransom Demands and Amounts:

  • Domino’s – Domino’s France and Belgium were attacked by cyber criminals, and private customer information was held for a $40,000 ransom.
  • – Ransom amount – unknown
  • – Feedly’s CEO reported, “Criminals are attacking Feedly with a distributed denial of service attack. The attacker is trying to extort us money to make it stop. We refused to give in and are working with our network providers to mitigate the attack as best as we can.” Ransom amount – unknown.
  • – Ransom amount – unknown
  • – Ransom amount – unknown.
  • – Ransom amount – $2,000.
  • – DDoS Attack Put Code Spaces Out of Business. According to this PC Magazine article, Code Spaces closed its doors following a security breach that began with a distributed denial-of-service (DDoS) attack and ended 12 hours later, after an attempt to extort money from the company. Here’s Code Spaces’ letter to its customers addressing this occurrence: read letter. Ransom amount – unknown.

The informative articles below offer a wealth of information that can help you and your business understand this growing threat, how to be prepared and what to do if you’re a ransom demand target:

Today it’s best to be prepared ahead of time, as DDoS attacks are becoming fiercer and much more frequent, and in some unfortunate cases, as we saw with Code Spaces, such attacks have the potential to force an organization out of business. Put a response plan in place now so that your organization can respond and continue operating. Cyber insurance could be the key to your organization’s DDoS attack or cyber ransom survival.