Ransomware reaches insurance industry

The insurance industry has not escaped last week’s global ransomware cyber-attack: a French company has been affected, and others are urging vigilance.

As NIBA reported last week, the latest attack may be one of the most significant to date. The virus has impacted businesses internationally and in Australia, and now it appears that the ‘Petya’ virus has also affected the insurance industry, with a confirmed attack on French insurer MAIF, according to Insurance Business.

The insurance company posted a press release to its website acknowledging the attack, outlining the steps its IT team took to contain and neutralise the cyber-attack, and noting that it had communicated with clients via social media and the website, directing them not to open fraudulent emails from MAIF.

Nicolas Siegler, Deputy Managing Director of the MAIF group in charge of IS, noted (translated): “MAIF was the victim of a cyber attack yesterday. As soon as we were alerted, we made every effort to contain this attack, so our networks were isolated. Above all, we reacted immediately to warn our members. At this stage, the threat is contained but we remain vigilant.”

Be vigilant or be prepared to pay

In its latest cyber report, ‘Closing the gap – insuring your business against evolving cyber threats’, Lloyd’s warns businesses that they could face a much higher bill than they might anticipate if they fall victim to a cyber-attack.

As businesses increasingly become the target of sophisticated hacking attacks, they need to be prepared for significant costs, including adjacent costs like reputational damage, litigation, and, in some cases, the cost of paying the ransom, which some experts advise against.

Should you pay the ransomware ransom?

The Telstra cybersecurity report 2017 found that 60 per cent of Australian organisations had experienced at least one ransomware incident in the previous 12 months.

Of that figure, 57 per cent paid the ransom – though it’s important to note that nearly one in three of the organisations that paid did not recover their files.

Most recent cyber attack a ‘distraction’ for future sabotage

According to Fortune, the growing consensus among security researchers, armed with technical evidence, is that the main purpose of the recent ‘Petya’ attack (dubbed ‘NotPetya’ by some experts) was to install new malware on computers at government and commercial organisations, primarily in Ukraine.

Rather than extortion, the goal may be to plant the seeds of future sabotage.