AXA’s APAC ransomware attack is a warning to all insurers
Taking place on 15 May, the insurer’s operations in Hong Kong, Malaysia, the Philippines, and Thailand were affected. Meanwhile, its global websites were struck by a Distributed Denial of Service (DDoS) that made them inaccessible.
Initial reports of the attack emerged roughly 24 hours later on Sunday 16 May. A full report of the specifics have yet to be presented by AXA, but 3TB of sensitive data is said to have been seized by perpetrators using the ransomware Avaddon - details seemingly confirmed by a dark web post seen by the Financial Times.
The stolen data supposedly included personal identification information, medical records, and claims history, among other things.
Cyber attacks: A persistent threat
Ironically, earlier in May, AXA had stated that it was purposefully halting the underwriting of cyber insurance policies that reimburse victims of online extortion. The logic, at least on the part of some officials, was that such actions actually incentivise cyber crime.
“The word to get out today is that, regarding ransomware, we don’t pay and we won’t pay,” said Paris’ cybercrime prosecutor Johanna Brousse at the time.
AXA’s misfortune also came shortly after hackers launched a cyber attack against Colonial Pipeline Company. The event caused local petrol shortages and the company was forced to pay the US$5m ransom, which it did using Bitcoin.
Clearly, the threat of large cyber attacks is not restricted to the insurance industry. However, the implications of AXA deciding against cyber insurance underwriting could have broader implications, particularly as global spending in the sector was previously estimated to reach $174.7bn by 2024.
Prevention is better than a cure
Lior Div, CEO and Co-founder of Cybereason, weighed in on what the insurance industry should take from this event:
"Unfortunately, AXA is in the long line of companies suffering from a ransomware attack. While it will take some time to learn the specifics of this newest attack, it is important to remind everyone that ransomware attacks can be disrupted and stopped before they have a material impact on an organisation by using endpoint detection and remediation software.
“Cybereason strongly recommends against paying ransom demands as our recent research shows that more than half the companies that pay a ransom are hit a second time.”
The adage that ‘an ounce of prevention is worth a pound of cure’ appears to ring true. Insurers must instill cybersecurity at every level of corporate operations and culture. Failing to invest the time and money could ultimately be the most expensive mistake of all.
The Ultimate FinTech & InsurTech LIVE Event
From October 12th-14th, 2021, BizClik’s FinTech & InsurTech event will bring together influential executives from around the world. Streamed live from Tobacco Dock, London, this three-day event will be an excellent way to finish the year strong, gaining the confidence your company needs to move forward into the future.
With keynote addresses from global leaders, dynamic roundtable discussions, and extensive networking opportunities, FinTech & InsurTech 2021 will expand your network, deliver insight, and enhance your organisation’s reach.
Already confirmed speakers include Colin Payne, VP & NextGen FS Global Lead at Capgemini; Dipu KV, President and Head of Operations & CX at Bajaj Allianz General Insurance Company; Bryan Caroll, CEO at TNEX; and Lucy Demery, Managing Director at Barclays.
The event will include:
- Keynote addresses from respected industry leaders
- Dynamic live roundtables (inc. Q&A)
- Fireside discussions
- Inspirational Speakers & Presentations
- Extensive networking opportunities
Meet the Speakers
Each week, from now until the event, we’ll be announcing the latest speakers who are set to grace our physical or virtual stage, prepared to share their knowledge and insight with attendees.
Our second batch consists of:
Currently the Senior Vice President of Business Development & Fintech for Mastercard UK & Ireland, a position he’s held since 2014, Abraham describes himself as “a proven and successful senior sales leader with experience across a wide range of industries, sectors, and channels.”
Graduating from the University of Northampton in 1994 with a BA in Economics and Law, he worked for nine years at Sainsburys - eventually responsible for banking the company’s revenue and running its ATMs - and then Barclaycard for three years as Head of Client Management. In 2007, Abraham became VP of Client Management at American Express, and then VP and GM Global Supplier Relations EMEA in 2012.
In his current role at Mastercard, Abraham is accountable for the acceptance of all payments and products through all channels, devices, and technologies across UK and Ireland. In addition, he oversees the deployment of innovative new payment tech within the region.
Fraser-Hawkins’ role as CEO, UK Corporate, at Marsh McLennan is the continuation of a long and successful insurance career, which has included being London Sales Director for JLT Group and Branch Director for Willis Towers Watson.
Marsh prides itself on being a company that hires top-tier talent, does work that impacts peoples’ lives, and offers its employees the opportunity to make a difference. This is clearly an attitude that aligns with Fraser-Hawkins’ own values; regarding the insurer’s UK Young Professionals initiative, a support network to help young professionals in their development, he said:
"I am passionate about developing talent and our Young Professional CRG provides a brilliant community for our Young Professional colleagues to discuss key issues relevant early in their careers, as well as an environment to promote the skills, learning and network for success."
Massaro is currently the CEO of Boston fintech Flywire, a role he took on in 2013. He first joined the team in 2012 as VP of Business Development, but it wasn’t long before his entrepreneurial skills were redirected to leading the entire company’s high-growth strategy worldwide.
An expert in domestic and international payments and billing, enterprise technology sales, strategic alliances, enterprise software, SaaS, product management and marketing, and much more, Massaro is a consummate finance professional whose credentials befit the leadership of a prominent global payments fintech.
His previous positions include Consultant at PwC and Product Line Manager at Oracle, and he maintains a Mentor role at startup accelerator MassChallenge. He graduated magna cum laude from Babson College with a BS in Information Systems and Finance.
This event is set to be one of the year's most unmissable. If you want to get leading perspectives on the future of fintech and insurtech, go to Eventbrite and purchase your tickets now.