Double extortion: The new cyber threat

Your cyber clients may now be exposed to two risks in one, as the sophistication of ransomware attack patterns continue to increase.

“There’s double extortion tactics which are just crippling organizations now,” said Greg Markell, president and CEO of Ridge Canada Cyber Solutions Inc.

Double extortion involves threat actors taking data out during a ransomware attack “to get people back to the table… by threatening them with privacy exposure and the threat of potential regulatory work,” Markell said Sept. 29 during Insurance Bureau of Canada’s 2021 Commercial Insurance Symposium. “So, you’ve got an increase in legal costs, you’ve got an increase in potential notification costs to affected individuals whose information would have been exposed.

“Impact-wise, the demands have gone way up,” Markell said. “You used to be able to get in and out of a ransomware incident pretty quickly,” he said, meaning within a couple of weeks. “However, those times are gone. The sophistication of the attack patterns has increased significantly.”

Moderator Paul Gardner, senior vice president of corporate underwriting and risk services with Northbridge Financial Corporation, and Greg Markell, president and CEO of Ridge Canada Cyber Solutions Inc.

Markell was part of a session called Getting a Head Start on Emerging Issues: A Discussion on Cyber Trends and Inflation. The session included discussions on “silent” cyber — cyber risks in policies that do not explicitly include or exclude cyber coverage — and the inflationary effects on loss cost trends. It was moderated by Paul Gardner, senior vice president of corporate underwriting and risk services with Northbridge Financial Corporation, and also featured panellist Paul Gilbody, SVP for national claims at Aviva Canada.

From a silent cyber perspective, there’s no shortage of ways that an all-perils policy can potentially be exposed to a large cyber loss, Markell said. “When you’re looking at that and you’re doing a policy design, what we’re really finding right now is how well are those absolute data exclusions stacking up in a court of law?” he asked.

“There’s some examples out there right now that we could argue, they’re not doing so well,” Markell said. “And so as a result of that, that silent cyber element has to be contemplated in and actuarially, the property markets are ready to do that. They’re trying to parcel it off and push it into the cyber world.”

Looking ahead, Markell hopes there’s “a little more stability” in the cyber insurance market. “We know that next year there’s probably not going to be much in the way of new capacity in terms of capital flowing in through reinsurance,” he said. “If there’s no reinsurance capital coming in and flowing down into the direct markets, then its price is going to go up. [The] demand for it is continuing to increase.”

Feature image by iStock.com/RyanKing999