Insured companies more likely to be ransomware victims, sometimes more than once

Companies with cyber insurance are more likely to get hit by ransomware, more likely to be attacked multiple times, and more likely to pay ransoms, according to a recent survey of IT decision makers.

Back in 2019, fewer than 20% of enterprises suffered repeat ransomware attacks, while during the pandemic, the percentage rose to around 30%. And it didn’t stop with the pandemic, with 38% of organizations surveyed in 2022 reporting two or more successful ransomware attacks, those that attackers were able to lock systems, encrypt data, or exfiltrate information to demand a ransom, according to Barracuda’s report conducted by Vanson Bourne.

Companies with cyber insurance get targeted more

Cyber insurance plays a significant role in the numbers as they get targeted more, Barracuda Networks CTO Fleming Shi tells CSO. The survey found that 77% of organizations with cyber insurance were hit at least once, compared to 65% of organizations without insurance. In addition, of the companies that had cyber insurance, 39% paid the ransom.

To make matters worse, the research found that insured companies were also 70% more likely to be hit multiple times. Repeat victims were also more likely to pay ransom, and less likely to use backup systems to help them recover.

Although the report doesn’t establish a direct connection between having cyber insurance and being hit by ransomware, Shi speculates that attackers might discover that a company has insurance because of social engineering, or they might be going after targets that are most likely to have critical data. “That allows them to have higher confidence in getting the payment,” he says.

That doesn’t mean that having cyber insurance is a bad thing. Insurance companies insist on cybersecurity controls before they provide coverage, says Shi. “Insurance can play a positive role if you utilize it in a way that helps you improve your security posture.”

Read full story at CSO magazine.