AXA’s APAC ransomware attack is a warning to all insurers

Branches of the insurance giant AXA in the APAC region have been the victims of a targeted ransomware attack that saw potentially 3TB of data stolen

Taking place on 15 May, the insurer’s operations in Hong Kong, Malaysia, the Philippines, and Thailand were affected. Meanwhile, its global websites were struck by a Distributed Denial of Service (DDoS) that made them inaccessible.

Initial reports of the attack emerged roughly 24 hours later on Sunday 16 May. A full report of the specifics have yet to be presented by AXA, but 3TB of sensitive data is said to have been seized by perpetrators using the ransomware Avaddon  - details seemingly confirmed by a dark web post seen by the Financial Times.

The stolen data supposedly included personal identification information, medical records, and claims history, among other things.

Cyber attacks: A persistent threat

Ironically, earlier in May, AXA had stated that it was purposefully halting the underwriting of cyber insurance policies that reimburse victims of online extortion. The logic, at least on the part of some officials, was that such actions actually incentivise cyber crime.

“The word to get out today is that, regarding ransomware, we don’t pay and we won’t pay,” said Paris’ cybercrime prosecutor Johanna Brousse at the time.

AXA’s misfortune also came shortly after hackers launched a cyber attack against Colonial Pipeline Company. The event caused local petrol shortages and the company was forced to pay the US$5m ransom, which it did using Bitcoin.

Clearly, the threat of large cyber attacks is not restricted to the insurance industry. However, the implications of AXA deciding against cyber insurance underwriting could have broader implications, particularly as global spending in the sector was previously estimated to reach $174.7bn by 2024.

Prevention is better than a cure 

Lior Div, CEO and Co-founder of Cybereason, weighed in on what the insurance industry should take from this event:

"Unfortunately, AXA is in the long line of companies suffering from a ransomware attack. While it will take some time to learn the specifics of this newest attack, it is important to remind everyone that ransomware attacks can be disrupted and stopped before they have a material impact on an organisation by using endpoint detection and remediation software.

“Cybereason strongly recommends against paying ransom demands as our recent research shows that more than half the companies that pay a ransom are hit a second time.”

The adage that ‘an ounce of prevention is worth a pound of cure’ appears to ring true. Insurers must instill cybersecurity at every level of corporate operations and culture. Failing to invest the time and money could ultimately be the most expensive mistake of all.


Featured Articles

Top 10 Scaling Insurtech Startups to Watch in 2022

As insurtech gains momentum across the industry, we take a look at the top 10 scaling insurtechs disrupting the industry through technology and innovation

Why Cybercrime is Driving Change & Innovation in Insurtech

As demands for better cyber insurance increases, we look at how the insurtech space is tackling the problem of hacking and security

Three Key Trends for Insurtechs Driving Innovation in 2022

The marketplace is changing - and technology is now the key to scaling and updating legacy insurance companies

Noam Shapira, President of Pattern on Embedded Insurtech


FIVE Key Strategies to Help Insurtechs Scale in 2022


How Technology is Driving Big Data & the Insurance Industry

Technology & AI