UK association defends ransomware payments in cyber insurance policies

The group has been criticized for “funding” organized crime.
Written by Charlie Osborne, Contributing Writer

The Association of British Insurers (ABI) has been accused of "funding" organized crime by including ransomware blackmail payments in cyber insurance policies. 

As reported by the BBC, ABI said that the inclusion in first-party policies was not "an alternative" to organizations doing everything else possible to mitigate the damage and operational risk caused by cyberattacks, but without it, victims could face "financial ruin."

Oxford University's Prof. Ciaran Martin said that insurers taking this approach were "funding organized crime" and as it remains legal to do so, there are "incentives" to pay up. 

Ransomware can be one of the most devastating forms of malware to land on corporate networks. Once ransomware executes on a vulnerable system, it will usually encrypt resources, files, and backups, and will then lock users out. 

A blackmail payment is then demanded in return for a decryption key -- which may or may not work -- often in cryptocurrency such as Bitcoin (BTC) or Ethereum (ETH).

Popular and well-known ransomware strains include WannaCry, Cerber, and Locky.

Businesses and organizations without viable backups or with an urgent need to restore their systems -- such as hospitals and energy utilities -- are then under extreme pressure to pay up. 

It is not illegal to do so in the UK, and if they have previously taken out cyber insurance policies covering ransomware, this is when their protection comes into play.

A spokesperson for the ABI told the publication that in order for claims to be processed, similar "reasonable precautions" in terms of security have to be met. This is comparable to filing a claim for burglary, which depends on whether or not your home had reasonable measures -- such as locked doors and windows -- in place to prevent theft in the first place.

According to US cyber insurance provider Coalition, ransomware incidents accounted for 41% of claims filed during the first half of 2020. 

This week, credit rating service Moody's released its 2021 outlook for cybersecurity and cyber-related risks. The agency predicts that the "continued proliferation" of ransomware attacks will force insurers to re-examine their cyber insurance policies and coverage over the coming year. 

Moody's predicts that as more claims are made, policies covering ransomware will surge in price in what is a "small, but growing line of business."

"Insurers have responded to rising financial losses by raising premium rates and narrowing terms and conditions, including raising deductibles or lowering policy limits, or both," the company says. "Higher insurance costs, in turn, could weigh on the finances of some organizations, causing them to rethink the purchases of these products."
