Cyber Insurance Blog

A History of Ransomware and How Cyber Insurance Protects Businesses

Ransomware is not a novel form of criminal activity. For years, cyber criminals have been extorting money from all types of people and businesses by leveraging stolen or compromised digital assets.

But why are ransomware attacks becoming more and more frequent? How did they evolve to the point where, in 2020 alone, cyber criminals made more than $350 million from ransomware attacks?

Pile of golden, physical Bitcoins on reflective surface, blurred, illuminated chart behind shows cryptocurrency price rising.

In this blog, learn about the history of ransomware, what businesses are most at risk, and how you can protect more businesses through cyber insurance with the help of ProWriters.

A Brief History of Ransomware Attacks

The first documented ransomware attack occurred in the 1980s. Even though computers were still rudimentary by modern standards, hackers still found a way to encrypt files and keep them hostage until the files’ owners sent cash to a post office box.

Fast forward 30 years to 2008. The single most important event for cyber criminals occurred—the invention of Bitcoin.

Before cryptocurrency, cyber criminals had a tough time collecting the payments their targets made to unlock ransomware. The criminals needed a physical currency law enforcement agencies couldn’t easily trace.

But after 2008, cybercriminals could take their small operations and turn them into highly lucrative businesses. Government authorities couldn’t trace bitcoin transactions between wallets. Hidden in the safety of the blockchain, cyber criminals could now process payments in complete secrecy and turn virtual currency into usable income.

Rows of computer servers in dark room partly illuminated by red light illustrate concept of threat from ransomware attacks.

In 2013, the FBI shut down the original CryptoLocker, which was ransomware that encrypted Windows files and demanded a fixed sum of bitcoin in return for the decryption key. However, the FBI’s involvement merely added legitimacy to cyber crime. Soon, numerous copies of CryptoLocker appeared worldwide, extracting tens of millions of dollars from unsuspecting internet users and businesses.

Some larger criminal gangs have even turned ransomware into a service-based model. In other words, large gangs sell and license their ransomware software to individual cyber criminals or smaller gangs. An entire digital ecosystem surrounds ransomware and is worth hundreds of millions of dollars, meaning the history of ransomware is by no means yet fully written!

Businesses at Risk of a Ransomware Attack

The vast majority of modern businesses run their operations on the internet or utilize technology including cloud providers and online software.

From e-commerce to government agencies, every company has online systems and data essential to their successful operation. Therefore, the only businesses truly safe from cyber attacks are those few still operating as if they were serving customers 50 years ago.

But what makes a business a prime target for a ransomware attack?

When hackers go big game hunting, they look for businesses they can pressure by holding data and other digital assets hostage. Therefore, they look for a company that:

Relies heavily on digital infrastructure.
Depends on its network for business functions.
Stores confidential product information.
Keeps customers’ personal information.

However, cyber criminals also search for companies based on their reliance on the internet and their existing cyber security measures. Even if a business has the perfect mix of data and digital dependence, a cyber criminal will often not bother attacking them if their cyber security is airtight. After all, why waste time when they could be going after businesses more likely to result in a successful attack? Therefore, cyber criminals prioritize a company’s vulnerability over its data or its reliance on the internet.

Keeping these caveats in mind, understand that cyber criminals don’t solely target massive companies and corporations worth hundreds of billions of dollars. Small businesses are some of the most at-risk entities. Often, small businesses use outdated software and security measures that leave back doors open and all but invite a cyber criminal to wreak havoc. By enlarge small businesses often are not specifically targeting, but known vulnerabilities are targeted where hackers cast a wide net. Larger companies, in contrast, often have the resources to invest in proper defensive software, making themselves more secure.

Protecting Businesses From Cyber Attacks

One of the most important things businesses, large or small, can do to protect against and recover from cyber attacks is to procure cyber insurance.

Accusations that cyber insurance contributes to the rising rate of cyber crime because it can pay off ransoms are not fair or accurate. While cyber insurance does give businesses resources to pay ransoms, it also encourages them to adopt stricter digital security. Additionally in a lot of ransomware cases 80% of the costs may be unrelated to the ransom payment.

To get approved for cyber insurance, providers require businesses meet their security standards to guard against and efficiently respond to ransomware attacks. With such measures in place, an attack is likely to prove less damaging to the company, resulting in fewer legal violations and a smaller ransom demanded.

Even though cyber insurance providers do end up paying some ransoms, they only do so when a team of cyber crime specialists decides payment is warranted. The average company doesn’t have the resources to make an educated decision about whether it is better to pay the ransom or take another course of action.

Ultimately, every business needs cyber insurance. It’s the only way to protect businesses through preventative measures, forensic services, incident response, legal expertise, ransom payments, and everything else needed to remedy a ransomware attack.

However, the many different providers and levels of protection can make it challenging for you to guide your business clients in the right direction. You definitely don’t want a cyber attack to catch them unprepared. But you also don’t want them paying for more levels of insurance than they may need.

For help advising your business clients as they research and purchase the coverage levels they require, click here to contact ProWriters.

We can give you valuable, up-to-the-minute information about the available options, and practical resources for quoting your clients policies to keep them prepared and secure.