Canadian Underwriter
News

WannaCry ransomware attack “arguably the first ever cyber-catastrophe”: RMS cyber expert


May 16, 2017   by Canadian Underwriter


Print this page Share

The global WannaCry ransomware attack is “arguably the first ever cyber-catastrophe,” an expert in cyber risk management from RMS said on Tuesday.

FILE – In this May 13, 2017 file photo, a screenshot of the warning screen from a purported ransomware attack, as captured by a computer user in Taiwan, is seen on laptop in Beijing. Global cyber chaos is spreading Monday, May 14, as companies boot up computers at work following the weekend’s worldwide “ransomware” cyberattack. The extortion scheme has created chaos in 150 countries and could wreak even greater havoc as more malicious variations appear. The initial attack, known as “WannaCry,” paralyzed computers running Britain’s hospital network, Germany’s national railway and scores of other companies and government agencies around the world. (AP Photo/Mark Schiefelbein, File)

Tom Harvey said in a statement that the cyberattack “clearly demonstrates the systemic nature of the risk, with a single vulnerability resulting in hundreds of thousands of infected machines across over 150 countries.”

In the attack, hackers demanded payment from victims in the digital currency Bitcoin to regain access to their encrypted computers. The malware has scrambled data at hospitals, factories, government agencies, banks and other businesses since Friday, the Associated Press reported on Tuesday. Countries/territories affected included China, the United Kingdom, Japan, Russia, Saudi Arabia and Taiwan, among others. The Canadian Press reported, also on Tuesday, that Quebec’s Université de Montreal was monitoring its IT network after about 120 of the school’s computers were allegedly infected with the WannaCry malware.

Harvey said that while “unprecedented,” the attack was not unexpected. “RMS modelling scenarios show this kind of hacking campaign as just one of numerous types of extreme but plausible cyber-catastrophes,” he said in the statement.

Related: Ransomware cyberattack cripples hospitals across the United Kingdom

While it is still too early to determine the cost for the insurance industry, 74% of cyber policies on the market offer cyber extortion, a loss that is still evolving, Harvey said. As of the time of the statement, only a “relatively modest US$63,000 has been paid in ransoms so far – but there are still several days left on the clock. However, ransom payments are only a small proportion of the total losses insurers face.”

According to the Associated Press, the malware paralyzed computers running mostly older versions of Microsoft Windows. It displayed a message demanding US$300 to US$600 worth of Bitcoins, saying that “failure to pay would leave the data scrambled and likely beyond repair.”

Harvey said that firms with cyber policies will likely have triggered coverage for incident response, data and software loss, and even regulatory response costs. “And that’s before business interruption is counted,” he said. “With several large manufacturers, hospitals and telecom providers disclosing downtime, these losses will be significant.”

Related: Global cyber attacks expected to up demand for related insurance, U.S. market could grow 10-fold: Fitch Ratings

But WannaCry is not just an issue for cyber insurers, Harvey stressed. “With such a soft property insurance market, several insurers have offered non-damage BI coverage which may trigger. And insurers with Kidnap & Ransom books will want to look closely at their policies wordings to see whether they are exposed.”

Harvey noted that the WannaCry malware utilized a vulnerability that was patched by Microsoft nearly 60 days ago, providing many companies the opportunity to “plug the hole” before being attacked. In addition, the presence of a kill switch within the software allowed security experts to contain the spread to some extent, although there have been reports of new variants without the kill switch.

“It is not a true zero-day,” Harvey concluded. “Had it been, the scale of this event – and potential losses – would have been many orders of magnitude higher.”


Print this page Share

2 Comments » for WannaCry ransomware attack “arguably the first ever cyber-catastrophe”: RMS cyber expert
  1. Frank Cain says:

    I’m surprised if you’re surprised. Not much different from good old auto insurance – “as long as I have insurance, I really don’t have to be that careful – I can always pay more – it’s the most convenient way out”.

    For all the good that insurance does, the protection offered by a policy can be a license to spawn recklessness. Watch cyber premiums go on the rise, watch insurers add controls to minimize exposure. The worst part of cyber crime is that the infiltration by the criminal is as oblique as the ways and means of preventing it. Perhaps that’s where it parts company with auto insurance.

    But I wouldn’t take either to the bank.

  2. Stacy Desouza says:

    I think there will be more in the future. This, in my opinion, was just a dry run and the real attack will come in the future. They just wanted to test the defences of the world and how they would react to an attack like this. I hope everyone just wakes up and updates their security software like antivirus and installs the latest patches by microsoft. Another good idea would be to start keeping backups in external drives. For more ways to protect yourself against such an attack, check this article. It has some good tips: https://www.purevpn.com/blog/how-to-protect-from-ransomware/

Have your say:

Your email address will not be published. Required fields are marked *

*