The explosion in cyber-attacks is pushing insurance to the limits of affordability for some, with the professional services sector the biggest target of ransomware, a report has found.
Insurance broker Howden said the number of global ransomware attacks was up 230% last year, compared to 2019, but there were some positive signs this year.
Nonetheless, the higher loss frequency and severity from ransomware have caused “such an extreme supply-demand imbalance” in the cyber insurance market that the average cost of cover was more than double what it was last year.
The Solicitors Regulation Authority warned last week that ransomware was a growing threat to law firms, increasing in sophistication and moving from encryption of data to theft.
Several legal regulators have been clarifying their insurance requirements to ensure lawyers and clients understand that professional indemnity insurance covers third-party losses from cyber-attacks but not any losses that only affect the lawyers.
This has led to more focus on the need for lawyers to take out separate cyber insurance.
Howden said 20% of recent global ransomware attacks targeted professional services firms, compared to 17% for the public sector. Financial services and consumer services both accounted for only 9%.
“The rise of ransomware has been the most important cyber development of the last two years, bringing about a sea change to the frequency and severity of attacks, and the threat landscape more generally.
“This escalation is attributable primarily to cyber criminals deploying new tactics to exploit weaknesses and achieve one simple goal: maximise financial gain.
“Ransomware has developed into a lucrative industry in its own right. The availability of turnkey (and low cost) ransomware kits – otherwise known as ransomware-as-a-service (RaaS) – on the dark web has fuelled the proliferation of incidents.
“Lower barriers to entry typically bring a flood of new market entrants, and ransomware has been no exception. The number of attacked companies has spiked, as a result.”
The dramatic rise in ransomware attacks led to “the most extreme rate increases across the entire insurance market” in cyber security, with the last two full quarters seeing average annualised increases in premiums of 120%.
“The surge in ransomware attacks in 2020 and the first half of 2021 particularly was striking, as incidents accelerated at an unprecedented rate whereas the number of data breaches remained largely stable.”
David Rees, executive director of Howden, commented: “The last year has been characterised by price corrections, contracting capacity and restrictive terms – classic hard market territory.
“Whilst the value of cyber insurance continues to prevail for the vast majority of buyers, pricing is now approaching the limits of economic viability for some.
“Compounded increases from here are not sustainable, which, assisted by the more favourable claims environment that appears to be manifesting this year, is likely to moderate or even stabilise pricing. Improved insurer performance should also help attract new capacity into the market.”
Howden said that, “given the protagonists” in the conflict between Russia and Ukraine, the “prospect of cyber warfare and spill-over to other states is real”.
However, most cyber activity linked to the war so far had been “relatively low-level” and the large-scale attacks widely predicted in the run-up to invasion had not yet occurred.
Shay Simkin, global head of cyber at Howden, added: “Market conditions remain difficult, but two potential tailwinds may help companies and insurance carriers as this year progresses.
“The first is off the back of more favourable ransomware trends following underwriting and risk management actions taken in response to increased ransomware frequency and severity. Companies are more resilient to ransomware attacks today than they were this time last year.
“The second, the war in Ukraine, is a lot more unpredictable, but it appears the conflict has so far dampened cyber frequency further as both warring sides focus their efforts on conventional warfare.
“This could of course change in an instant – for example, a ceasefire, a large-scale cyberattack, pressure on Russia’s government to find new revenue streams as economic sanctions bite – but for now insurance claims are down compared to last year.”