Amidst the recent surge in ransomware attacks on U.S. businesses—with crypto criminals and sometimes State actors invading and encrypting computer and operating systems and extorting funds in exchange for the decryption key—one new ploy deserves attention from our perspective as insurance coverage lawyers. A new scheme involves demanding that the target provide details of its cyber insurance policies so that the payment demands can be adjusted to fall within the coverage the victim purchased.
The frequency and severity of cyber incidents, particularly ransomware attacks targeting businesses and critical infrastructure organizations, have been on the increase and are unlikely to subside anytime soon. Higher claim counts and loss severity have led to significant and continuing increases in cyber insurance losses. Insurers have made up for this increased risk profile by passing the costs on to consumers in two ways—by both increasing premiums and attempting to narrow coverage.
Over the past few years, ransomware attacks have increased in frequency and demand size. And, increasingly, those attacks have targeted businesses and critical infrastructure organizations from across the globe. This trend is likely to continue. The Cybersecurity & Infrastructure Security Agency noted that cybersecurity authorities in the United States, Australia and the United Kingdom assess that “if the ransomware criminal business model continues to yield financial returns for ransomware actors, ransomware incidents will become more frequent. Every time a ransom is paid, it confirms the viability and financial attractiveness of the ransomware criminal business model.”