Nov 22, 2021

Why cybercrime is booming in post-pandemic ecosystems

Insurance
Insurtech
Cybercrime
Ransomware
4 min
A report by Aon and Crawford & Company reveals pandemic has created ecosystems that are causing cybercrime to thrive, and hitting insurers where it hurts

A new report by Aon and Crawford & Company has revealed that the pandemic has created ecosystems that are helping cybercrime to thrive as hackers target strategic ecosystem painpoints.

The risk of cybercrime events and the number of breaches has risen in correlation with the technological solutions developed to help companies reach digital transformation in the pandemic. 

The news suggests difficult times are ahead for insurance companies globally, as the cost of claims in cyberinsurance skyrockets. 

The digital ecosystem, which has also boosted rapid scaling along all value chains, the report says, has inadvertently created an environment of eco interdependencies that enables cybercrime to thrive. 

The report points to escalated risks of “aggregation and accumulation” of ransomware exposure, with multiple sites reliant on the same technology or impacted by the same event. It also points out that cybercriminals have widened their target fields that, up until now, have generally sought out “rich seams” of Personal Identifiable Information (PII) to use as ransomware leverage or be sold.

However, “The model of stealing and selling PII in its own right has declined because it is getting harder to monetise. These records have little value on the dark web,” the guide says.

New targets for cybercriminals

Manufacturing, construction, and food have become the targets of cybercrime. This is because hackers have enhanced the technology utilised to perform a ransomware attack. This makes it more challenging for companies to recover damaged systems from their back-ups.

“They understand the economic pain points for different types of organisation and are learning how to leverage those to maximise their own financial gain,” the report states.

Greater disruption from cyber attacks 

The new focus of threat actors is to target entities that, if disrupted, will impact other businesses that are not able to delay their operations until the attached company’s system is restored. 

Therefore, they are targeting strategic partners to claim ransom from a connected business. These incidents are increasingly being seen in key supply chains - in oil or fuel, for example, that impact on a number of key operatives at the same time. 

The result is that multiple companies across the globe can be brought to a standstill by sophisticated ransomware that targets ‘maximum impact’ organisations, as the report says, “Threat actors are looking for efficient ways to leverage or magnify their efforts by targeting the software/data supply chain.”

Maximum impact ransomware

The result is that insurers, as well as being targeted by hackers themselves, find themselves in the unenviable position of being responsible for increased payouts for ransomware attacks across ecosystems. 

According to the Harvard Business Review, in 2020, the global insurance community saw the first cyber insurance program to exceed $1bn in payouts. 

Part of the problem is that cyberinsurance is still in its infancy, yet it is required to fight a growing monster. And although many companies either don't have cyber insurance - or, they have inadequate cover, others have bought into protection that provides them with $200mn in cover. However, because of the vast costs of ransomware, and its increasing prevalence, HBR author Tom Johansmeyer writes, "it would only take five insured losses of a bit more than that amount to wipe out an entire year’s premium. That’s only 2% of the companies in the market buying that much coverage. That kind of loss would likely take decades for insurers to earn back such losses."

Jonathan Knudsen, senior security strategist at the Synopsys Software Integrity Group, explains, “Cyberspace is already a battlefield in the 21st century. Software is critical infrastructure for individuals, businesses, and governments. The past two decades show nation-states using software vulnerabilities to further geopolitical agendas: SolarWinds, NotPetya, and Stuxnet are just a few high-profile examples. Doubtless, there are many more incidents that have not come to light. 

 He continues, “Cyberspace offers attackers an asymmetric advantage. The relatively anonymous nature of the Internet, coupled with frequently porous defences, means that compromising systems, stealing information, and other types of skullduggery can be accomplished with low probabilities of detection or prosecution.”

Solutions against increased ransomware attacks

There is no doubt that businesses are playing a cat and mouse game in terms of cybercrime technologies. Some experts believe that Zero Trust networks and an expansion of SOAR (Security Orchestration Automation and Response) will help stem the onslaught of hacking and ransomware attacks. 

Alexandra Willsher, a senior sales engineer for Forcepoint, explains, The data requirements to successfully implement a Zero Trust posture will drive advances in machine learning and feed into an expansion of SOAR (Security Orchestration, Automation and Response) platform capability.”

She continues. “The ability to automate responses and enhance risk adaptive decisions using the data flow that comes as part of normal business operation can give a huge boost to security capability without the need to make use of additional resources.  Almost every company has a repository of data stored in its native, raw format, but very few are equipped to trawl and analyse it effectively.”

Willsher adds that being able to make use of the information a business already has stored, and is generating every day, makes adoption of things like zero trust much more suitable for the cost-conscious.

Share article