“We are still waiting to be compensated”: the annoyance of ransomware victims

The number of companies affected by this type of attack has exploded in the last two years, and being insured does not guarantee compensation.

Like water damage or theft, cyber attacks are among the dangers a business must be prepared for. Among hackers’ favorite tools is ransomware, malicious software designed to hold confidential data hostage. Before the victim can hope to see those precious files again, the scammers demand a sum of money.

This type of malware is like an epidemic in the IT landscape: 73% of French companies and institutions say they were targeted by ransomware in 2021, compared to 43% in 2020, according to a report by Sophos.

Of course, companies and organizations already anticipate this type of attack by taking out an insurance contract. Small entities, however, are much more likely to lose everything during an attack, as only one in ten companies with fewer than 250 employees has this type of contract.

Now, being insured doesn’t necessarily mean being reimbursed. It is usually the damage cleanup costs that are borne by the companies. As for the payment of the ransom, the matter is debated. 40% of companies affected in 2021 said the insurer paid the ransom.

For a company, paying the ransom is often the easiest choice: it avoids losing everything, without having to replace computer systems in the process. Insurers and ANSSI (National Information Systems Security Agency) discourage giving in to crooks so as not to encourage this practice. Some companies, like Generali, have specified that they will never refund amounts advanced to pay attackers.

“We are still waiting to be compensated”

One group affected by ransomware told us, on condition of anonymity, that it had not yet received a single euro from its insurer, even though the insurer had recommended that it not pay. The attack took place last November after an average employee was tricked into downloading a PDF file.

The company decided to shut down all servers and immediately called its insurance company. This group, with 75,000 employees, lost several hundred thousand euros, first with the cyber attack and then with the overhaul of the computer system. A few weeks later, the group began to understand that compensation was not guaranteed.

“We have a lot of problems with the legal insurance teams. They constantly extend deadlines, keep coming back to see us for a new detail, sometimes on matters that have nothing to do with the accident. We have the impression that they are playing against the clock. However, ransomware attacks are included in the contract,” the company’s IT security manager tells us.

“It is a large insurance group and we are certain that we will not renew the contract. However, we continue to pay monthly because we don’t want to break it, hoping to be compensated,” he tells us.

A bill to regulate the payment of ransom

Stories like these are common. Cybereason, a company that specializes in cybersecurity technologies, tells us that many customers are turning to it after a ransomware attack. “Attackers pressure the victim by offering an initial amount and threaten to increase the ransom price if the company does not pay immediately,” Joël Mollo, General Manager of Cybereason in France, tells us. “As far as I can remember, none of the victims received a full refund of the advance amount.”

A draft article suggested the possibility of a legal framework for payment of ransom. Presented on March 16, the text would make insurance reimbursement conditional on the victim filing a complaint within 48 hours. “This is not the best answer to this practice. This bill will only encourage the criminal industry,” says the IT security manager of the affected group.

In the United States, the opposite choice is made: several states have proposed to enshrine the prohibition of payment in law to stop the bleeding suffered by companies in the country. In 2021, the average amount paid by victims was 500,000 euros.
