RegionsEEAExtortion and ransomware among fastest-growing cyber losses

Extortion and ransomware among fastest-growing cyber losses

While headlines are dominated by major data breaches and, more recently, by audacious Distributed Denial of Service (DDoS) attacks, it is encryption ransomware and cyber extortion that is one of the fastest growing cybercrimes, reports AIG Europe.

The insurer, part of global group American International Group, has released details of European cyber claims received between 2013 and September 2016 – highlighting both most frequent and developing trends in the sector.

Ransomware and cyber extortion accounted for 16% of the cyber claims received by AIG in Europe, the Middle East and Africa (EMEA) during the period, with a further 4% of claims relating to other cyber extortions. There has, in particular been a proliferation of cyber extortion attacks in 2016.

“This year we have had a lot of notifications from businesses that were victims of ransomware type attacks, and nearly all of them had extortion elements to them as well,” said Noona Barlow, head of liabilities and financial lines claims, Europe.

“We are seeing cyber extortion and ransomware as one of the fastest growing areas of claims. In cases of cyber extortion, claims severity depends on the type of organisation, the level of business interruption caused and need for forensic investigation and system restoration.

“While ransom demands typically remain small, this form of extortion is a lucrative and relatively straightforward way of accessing ‘fast cash’ for cyber criminals and we can only see it growing in the future.”

Unsurprisingly, the majority of cyber claims currently emanate from industries that are required to notify customers if sensitive data has been compromised, with financial services accounting nearly a quarter (23%) of all AIG’s EMEA cyber claims received during the past three years, followed by communications, media and technology (18%), a category that includes telecommunications.

Extortion and ransomware however tend to be found across a wide range of industries – often without any obvious online or IT angle – and are as likely in smaller businesses as large, AIG Europe reports.

For example, an online gardening business that discovered ransomware was encrypting their files. While the small business did not have a significant amount of sensitive data that could have been compromised, they were unable to contact customers and access invoices.

cyber-claims-received-by-aig-emea-2013-2016-by-type

Related Articles

“Destroy or democratise” – how Open Banking will impact connectivity

Banking “Destroy or democratise” – how Open Banking will impact connectivity

5m Victoria Beckett
Treasury TV: Yeng Butler compares US and European MMF reforms

Compliance Treasury TV: Yeng Butler compares US and European MMF reforms

5m Victoria Beckett
Money market reforms: Navigating LVNAV, CNAV and VNAV

EEA Money market reforms: Navigating LVNAV, CNAV and VNAV

6m Victoria Beckett
The Challenge of Building and Maintaining a Central Treasury Operation in a Decentralized Company

EEA The Challenge of Building and Maintaining a Central Treasury Operation in a Decentralized Company

6m BELLIN
The Treasury Challenge of a Post-Merger Integration

EEA The Treasury Challenge of a Post-Merger Integration

6m BELLIN
The Challenge of Integrating Worldwide Subsidiaries into one TMS

Baltics The Challenge of Integrating Worldwide Subsidiaries into one TMS

6m BELLIN
Q&A with BMG's treasury : BELLIN - We Love Treasury 2

EEA Q&A with BMG's treasury : BELLIN - We Love Treasury 2

6m BELLIN
PSD2: dull name, but seismic effect

Clearing & Settlement PSD2: dull name, but seismic effect

6m Alex Kwiatkowski