Rise in ransomware leads to rise in cyber insurance premiums

If you carry cyber liability coverage, you’ll likely need to budget for much higher premiums going forward.

One industry estimate shows that recently quoted premiums have increased between 50 percent and 100 percent. Another market survey has carriers “strategically increasing premiums” as much as 300 percent. Reinsurance rates for cyber coverage are expected to double before 2023. Another recent report declares that the cyber insurance market is "hardening for the first time in its 15-plus year history.”

Future increases will be above and beyond rate hikes experienced already this year. The Council of Insurance Agents and Brokers reported in its first two quarterly market reports in 2021 that average cyber coverage rates vaulted 18 percent in the first quarter and another 25.5 percent in the second quarter.

What’s happening? In a word: ransomware.

Ransomware is a type of cyberattack in which hackers plant malware on their target’s network, often by using a phishing message. This malware encrypts the victim’s files, leaving them unable to access information stored on their network. The hackers hold the information for ransom and demand a payment, promising to retire network access if the victim pays up.

One estimate showed a 93 percent year-over-year increase in overall ransomware attacks during the first half of 2021, while another reported the banking industry suffering a massive 1,300 percent increase in these types of cyber attacks.

Ransomware has become lucrative business for cyber criminals, and much easier to pull off thanks to the increase in remote work brought on by the COVID-19 pandemic.

“The rapid increase in ransomware attacks highlighted the need for brokers to work with clients to develop and practice robust risk management strategies to confront the growing threat,” said Ken A. Crerar, CEO of The Council of Insurance Agents and Brokers.

A new form of ransomware attack has targeted law firms in the last few years. This type of attack, sometimes referred to as a Maze attack, requires two ransom payments. The first is to unencrypt the victim’s data. The second ransom demand is made threatening that the hacker will make the stolen information public. A report in February 2020 said at least five law firms were extorted by a Maze ransomware attack.

“Ransomware has become a two-headed monster,” said Steve Robinson, National Cyber Practice Leader for Risk Placement Services, a national wholesale insurance broker and publisher of the U.S. Cyber Insurance Market Outlook. “Double extortion has become a contributing factor in cyber claim severity over the past year.”

Some attackers have upped the ante with “triple exportation” demands. These include not only release of network access and keeping personal information confidential, but hackers are also threatening to target the initial victim’s customer, vendors or business partners.

Ransomware attacks now account for 75 percent of all cyber claims, according to a June 2021 report by A.M. Best.

Ransomware payments are a key contributor to a sudden increase in the industry’s loss ratio. In insurance, a loss ratio is the amount that insurers pay out in claims compared with how much they collect in premiums. 

According to S&P Global Market Intelligence, the industry's loss ratio for cyber insurance rose for the third straight year in 2020, climbing from 47 percent in 2019 to 72.8 percent last year. That means for every $1 in premium collected on cyber coverage in 2020, nearly 73 cents was paid back to claimants, leaving only 27 cents for the other costs of doing business. 

This is unsustainable, meaning insurers have to adjust. This includes the aforementioned steep rate hikes along with lower coverage limits. RPS noted in its report that insurers who issued $5 million policies in 2020 started placing limits of $1 million to $3 million on policies, even on renewal. 

Chances are if you want the same level of coverage going forward, you may have to buy it from multiple carriers. You can also count on having your network security protocols more heavily scrutinized during underwriting.

Right now, however, you can get a good standalone cyber policy at a very reasonable rate. Why wait? Get a quote today.