Summary of “The Extortion Economy: How Insurance Companies Are Fueling a Rise in Ransomware Attacks”

“At the end of the day, it really boils down to a business decision on the insurance side of things: them looking at how much is it going to cost to fix it ourselves and how much is it going to cost to pay the ransom.”
As insurance companies have approved six- and seven-figure ransom payments over the past year, criminals’ demands have climbed.
Still, many public agencies are delighted to have their insurers cover ransoms, especially when the ransomware has also encrypted backup files.
Not all cyber insurance policies cover ransom payments.
After a ransomware attack on Jackson County, Georgia, last March, the county billed insurance for credit monitoring services and an attorney but had to pay the ransom of about $400,000, County Manager Kevin Poe said.
The proliferation of cyber insurers willing to accommodate ransom demands has fostered an industry of data recovery and incident response firms that insurers hire to investigate attacks and negotiate with and pay hackers.
New York-based Flashpoint also pays ransoms for insurance companies.
Over the past year, unknown attackers using the Ryuk strain have besieged small municipalities and technology and logistics companies, demanding ransoms up to $5 million, according to the FBI. Shortly after realizing it had been attacked, Lake City contacted the Florida League of Cities, which provides insurance for more than 550 public entities in the state.

The orginal article.