France’s Largest Insurer Will No Longer Cover Ransomware Payments
Thursday, May 13, 2021
The issue of whether or not to put an end to ransomware payments is not easy to resolve with theory alone; it may take experimentation by several nations willing to go ahead with a legislative ban to prove out whether or not it actually cools off the criminal market. Ilia Kolochenko, Founder and Chief Architect of ImmuniWeb, sees both sides of the issue but views the ultimate solution as a culture of cybersecurity that motivates individuals to take care of their own houses: “On one side, this decision will likely hinder flourishing ransomware business and indirectly incentivize would-be victims to implement better cybersecurity and enhance their cyber resilience. On the other side, the categorical ban will unfairly discriminate against enterprises who adequately care about their cyber defense but nonetheless fall victims to sophisticated attacks or because of their careless suppliers. Moreover, the total amount of ransom payments – paid in France and covered by cyber insurances – is a drop in the ocean of global ransomware business and will highly unlikely cause any material effect on cybercriminals. This move may also indicate that the cyber insurance business, at its very nascence, is not fully aware of the underlying risks of growing complexity and scale, and eventually refuse to cover them under the pretext of a legislative trend. The only reliable way to combat ransomware is to motivate organizations to implement and maintain cybersecurity best practices, otherwise we are treating the outcome rather than the root cause.” Read Full Article
Infosecurity Magazine: AXA to Stop Reimbursing Ransom Payments
CPO Magazine: Emotet Malware Taken Down By Global Law Enforcement Effort, Cleanup Patch Pushed to 1.6 Million Infected Devices