AXA’s APAC ransomware attack is a warning to all insurers

Branches of the insurance giant AXA in the APAC region have been the victims of a targeted ransomware attack that saw potentially 3TB of data stolen.

The attack took place on 15 May and affected the insurer’s operations in Hong Kong, Malaysia, the Philippines, and Thailand. Meanwhile, its global websites were struck by a Distributed Denial of Service (DDoS) attack that made them inaccessible.

Initial reports of the attack emerged roughly 24 hours later on Sunday 16 May. A full report of the specifics has yet to be presented by AXA, but 3TB of sensitive data is said to have been seized by perpetrators using the ransomware Avaddon, details seemingly confirmed by a dark web post seen by the Financial Times.

The stolen data supposedly included personal identification information, medical records, and claims history, among other things.

Cyber attacks: A persistent threat

Ironically, earlier in May, AXA had stated that it was purposefully halting the underwriting of cyber insurance policies that reimburse victims of online extortion. The logic, at least on the part of some officials, was that such reimbursements actually incentivise cyber crime.

“The word to get out today is that, regarding ransomware, we don’t pay and we won’t pay,” said Paris’ cybercrime prosecutor Johanna Brousse at the time.

AXA’s misfortune also came shortly after hackers launched a cyber attack against Colonial Pipeline Company. The event caused local petrol shortages and the company was forced to pay the US$5m ransom, which it did using Bitcoin.

Clearly, the threat of large cyber attacks is not restricted to the insurance industry. However, AXA’s decision against cyber insurance underwriting could have broader implications, particularly as global spending in the sector was previously estimated to reach $174.7bn by 2024.

Prevention is better than a cure 

Lior Div, CEO and Co-founder of Cybereason, weighed in on what the insurance industry should take from this event:

“Unfortunately, AXA is in the long line of companies suffering from a ransomware attack. While it will take some time to learn the specifics of this newest attack, it is important to remind everyone that ransomware attacks can be disrupted and stopped before they have a material impact on an organisation by using endpoint detection and remediation software.

“Cybereason strongly recommends against paying ransom demands as our recent research shows that more than half the companies that pay a ransom are hit a second time.”

The adage that ‘an ounce of prevention is worth a pound of cure’ appears to ring true. Insurers must instill cybersecurity at every level of corporate operations and culture. Failing to invest the time and money could ultimately be the most expensive mistake of all.
