RANSOMWARE ATTACKS AS A CYBERSECURITY INSURANCE COVERAGE THREAT
Vol 30 No 2 (2023), Articles
Vol 30 No 2 (2023)

RANSOMWARE ATTACKS AS A CYBERSECURITY INSURANCE COVERAGE THREAT

Articles
https://doi.org/10.7862/rz.2023.hss.18
Published June 30, 2023
Dariusz PAUCH
University of Szczecin, Poland
http://orcid.org/0000-0002-0179-4784
HSS-okładka-30-2023-02
pdf

Keywords

hacker attack
ransomware attack
cyber risk
insurance
COVID-19
cybersecurity insurance coverage

Abstract

The main purpose of this article is to analyze ransomware risk and its impact on the loss ratio in cyber insurance. To achieve this goal, the article indicates the scale of the threat of ransomware attacks and the prospects for change in the field of cyber insurance protection. Methodologically, the focus is on analysis and literature studies in order to properly describe and classify cyber threats, including ransomware risk. Statistical data were analyzed to find the scale of ransomware threats. Through the analysis, attention was drawn to the need for changes in the approach to cyber risk by both entrepreneurs and insurance companies. The originality of the study lies in its attempt to capture the necessity of changes in the field of cyber insurance, and justify their introduction. A research gap was identified, as the problem of ransomware attacks became particularly acute during the COVID-19 pandemic.

https://doi.org/10.7862/rz.2023.hss.18
pdf

References

Allianz Global Corporate & Specialty (2021). Ransomware trends: Risks and Resilience, Munich.

Andress, J., Winterfeld, S. (2013). Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners: second edition, Syngress, USA.

Bajpai, P., Sood, A.K., Enbody, R. (2018). A key-management-based taxonomy for ransomware, APWG Symposium on Electronic Crime Research (eCrime), IEEE.

Cert (2021). Poradnik ransomware 2021 [Access: 4.10.2022]. Access on the internet: https://cert.pl/uploads/docs/CERT_Polska_Poradnik_ransomware.pdf.

Check Point Research. (2022). Cyber Security Report.

Deloitte (2016). Beneath the surface of a cyberattack A deeper look at business impacts [Access: 7.10.2022]. Access on the internet: https://www2.deloitte.com/content/dam/Deloitte/us/Documents/risk/us-risk-beneath-the-surface-of-a-cyber-attack.pdf.

Gavėnaitė-Sirvydienė, J. (2019). Evaluation of cyber insurance as a risk management tool providing cyber-security. “Social Transformations in Contemporary Society”, 7.

Green, J. (2015). Cyber Warfare: A multidisciplinary analysis. New York: Routledge Taylor & Francis Group.

https://www.blackfog.com/the-state-of-ransomware-in-2020/ [Access: 08.10.2022].

https://www.businessinsurance.com/article/20211012/NEWS06/912345135/Ransomware-losses-disrupt-cyber-liability-market [Access: 14.10.2022].

https://www.ft.com/content/4f91c4e7-973b-4c1a-91c2-7742c3aa9922 [Access: 14.10.2022].

https://www.insurancebusinessmag.com/uk/news/cyber/current-cyber-insurance-model-is-ripe-for-change--cyber-advisors-317648.aspx [Access: 14.12.2022].

https://www.munichre.com/topics-online/en/digitalisation/cyber/cyber-insurance-risks-and-trends-2022.html [Access: 12.10.2022].

https://www.reuters.com/article/us-axa-cyber-idUSKCN2CX0B0 [Access: 17.12.2022].

https://www.reuters.com/markets/europe/insurers-run-ransomware-cover-losses-mount-2021-11-19/ [Access: 14.12.2022].

Kharraz, A., Robertson, W., Balzarotti, D., Bilge, L., Kirda, E. (2015). Cutting the gordian knot: A look under the hood of ransomware attacks. Detection of Intrusions and Malware, and Vulnerability Assessment, Springer, Milan. DOI: 10.1007/978-3-319-20550-2_1.

Leopando, J. (2016). Patch Your Flash: Another Zero-Day Vulnerability Hits Adobe Flash. In blog: “TrendLabs Security Intelligence Blog” [Access: 27.10.2016]. Access on the internet: http://blog.trendmicro.com/trendlabs-security-intelligence/patch-flash-another-zerodayvulnerability-hits-adobe-flash.

Liska, A., Gallo, T. (2016). Ransomware. Defending Against Digital Extortion. O’Reilly Media, USA.

Malinowska, K. (2018), Aspekty prawne ubezpieczenia cyber ryzyk. „Prawo asekuracyjne”, 2/2018 (95).

Marsh (2015). The role of insurance in managing and mitigating the risk. UK cyber security [Access: 10.10.2022]. Access on the internet: https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/415354/ UK_Cyber_Security_Report_Final.pdf.

National Association of Insurance Commissioners (NAIC) (2021). Report on the Cybersecurity Insurance Market. USA.

Oosthoek, K., Cable, J., Smaragdakis, G. (2022). A Tale of Two Markets: Investigating the Ransomware Payments Economy. “Computer Science”. 10 May 2022. DOI: 10.48550/arXiv.2205.05028.

Sloan, R. (2017). Cyber Matters: The Importance of Cyber insurance for SMEs, Cubb INC USA [Access: 13.10.2022]. Access on the internet: https://www.cybersecurityjournal.org/cybermatters-he-importance-ofcyber insurance.

Sophos (2022). The state of ransomware 2022 [Access: 14.10.2022]. Access on the internet: https://assets.sophos.com/X24WTUEQ/at/4zpw59pnkpxxnhfhgj9bxgj9/sophos-state-of-ransomware-2022-wp.pdf.

World Economic Forum (2023). Global Cybersecurity Outlook 2023. Insight Report.