VIEW: On the ransomware epidemic

There are numerous and clear warnings that cyber attacks are on the rise, and that attackers are launching precision strikes against firms thought likely to pay ransoms and offering weak defences.

The cyber risk landscape has become much more dangerous throughout the pandemic, with ransomware attacks hitting headlines regularly. Waves of new attacks have made for different and disturbing findings.

Companies have embraced digital transformation and employees have switched to remote working in the past year, presenting opportunities for cyber criminals to exploit weaknesses in defences. Ransomware in particular has become an epidemic of its own.

In June, the REvil criminal gang demanded a US$70m ransom, paid in the cryptocurrency Bitcoin, in return for unlocking the files of thousands of businesses caught up in the same attack. The gang meanwhile negotiated with individual firms for smaller ransom payments. In May, DarkSide, another group of cyber criminals, managed to shut down almost half of the oil supply to America’s east coast for five days by attacking Colonial Pipeline. Authorities managed to recover the majority of a US$4.4m ransom paid in Bitcoin after that attack.

The UK authorities have released new guidance on cyber security for large and medium-sized firms. The update, The 10 Steps to Cyber Security, is a collection of advice from the National Cyber Security Centre that helps chief information security officers and other security professionals keep their company safe by breaking down the task of protecting an organisation into ten components. It is being unveiled during CYBERUK, a virtual gathering of thought leaders from the cyber security community, hosted by the NCSC.

The 10 Steps to Cyber Security, which were first published in 2012 and are now used by a majority of the FTSE350, have been updated to capture challenges posed by the growth of cloud services, the shift to large-scale home working, and the rise and changing nature of ransomware attacks.

The NCSC also released ransomware- and malware-specific guidance in February 2020. This guidance is aimed at helping private and public sector organisations deal with the effects of malware. Following it, the NCSC said, should reduce the likelihood of becoming infected, the spread of malware throughout your organisation, and the impact of any infection.

If an organisation has already been infected with malware, including ransomware, the NCSC has a list of urgent steps to take. Smaller organisations should refer to the NCSC’s Small Business Guide, and larger organisations should refer to the NCSC’s Mobile Device Guidance.

A ‘defence in depth’ approach is a good way of keeping out ransomware attackers, and limiting the effects of any breach in security which does still occur. Risk management has plenty of tools in the armoury to help here.

Getting the right IT advice and IT security technology in place is more important than ever. Back-ups of essential data are important, as in any conventional business continuity plan, although hackers’ shift towards publishing stolen sensitive information means a back-up restores availability but does nothing to counter that kind of extortion.

Where the risk management professionals can also help is in the non-technology aspects to increasing security. Risks arising through employees’ actions or inactions have risen in particular during the pandemic. Staff working from home, using their own laptops, or using their company machines for personal use are a major source of risk.

This makes it all the more crucial that the right governance, controls, policies and procedures are in place, and that risk awareness is built up among employees through training and education about how to keep themselves and the company safer from attack.
