Drop in Ransomware Payments Due to Better Preparedness by Companies

The proportion of ransomware demands that resulted in payments shrank from 44 percent in Q3/2020 to 12 percent during the most recently closed quarter, according to Corvus, which has seen large, sustained declines in ransomware claims. Further, costs associated with each ransomware attack have held steady year-on-year, averaging $142,000, a Corvus report found.

Corvus attributes the decline in ransomware payments to companies being more prepared for cyberattacks and to enhanced backup processes. These two factors combine to enable breach response professionals to handle incidents more efficiently and get companies back online faster.

During the second quarter of 2021, Corvus saw a 50 percent decline in the number of ransomware claims. It attributes this drop to the shutdown of ransomware groups Darkside and REvil during Q2/2021. The decrease was sustained through the subsequent quarter, according to the insurance company.

Tech Vendors Beware

Cyberattacks or other outages that can be linked back to a technology vendor’s service or product can cause costs to pile up as the service provider defends lawsuits from customers that suffered damages or lost data.

For tech vendors that work with large companies, this risk is even more pronounced, Corvus reported. A company with 250 or more employees is 216 percent more likely to sue its tech vendor than a company with 10 or fewer employees, and twice as likely as businesses with 11 to 50 workers.

Further, media companies and metal manufacturers are 50 percent more likely to sue their technology vendors than is the average business. Insurers who faced a cyber incident are around 20 percent more likely to sue a third-party vendor than is the average business.

From: PropertyCasualty360