Each year the total ransomware cases and money demanded, either through bitcoin or other monetary means, increases. Attacks can cost businesses and governments millions of dollars in recovery fees, and the enormous payout is why the ransomware industry is so enticing to cybercriminals. There are many other factors to why a soar in ransomware incidents are occurring, but could cyber insurance be unintentionally contributing to its expansion?
On a side note, it is always important to stay relevant to the information that can help you stay vigilant to cyber threats. Click below to read some tips on how to better protect your business from ransomware.
Evolution of Ransomware
SMBs are at a significant risk of cyberattacks
In a statement by the FBI regarding ransomware, they express their, “discourag[ment] [towards] payments of cyber ransoms arguing that it could encourage this criminal business model.” The unfortunate reality is that, most of the time, businesses decide to pay a ransom because it is a more financially wise decision. Paying only gives cybercriminals an incentive to strike again and inadvertently expands the ransomware criminal industry.
Additionally, insurance firms
“won’t make an ethical or a moral decision but the best business decision,“ and shockingly, “a survey of 600 U.S. business leaders conducted by IBM in 2018 […] found that 70% of the business leaders had paid a ransom after a cyber-attack.” The purchase of cyber-liability insurance is not slowing down, and KPMG predicted, “the global cyber insurance market has been experiencing yearly growth of between 20% to 25%. Worth $2.5 billion in premiums in 2015, this is expected to balloon to $7.5 billion by 2020. By 2025 this is projected to rise to $20 billion.” The ransomware criminal industry may also see growth in the upcoming years as more cybercriminals rush to take advantage of the payouts from insurance firms. As more ransomware cases occur, demand for cyber insurance increases. However, as more insurances pay ransoms, more cybercriminals flood into the criminal industry to strike rich. Gold rush ransomware edition?
Having your business equipped with sufficient protective measures is the best method to halt the development of more cybercriminals. Being proactive is always more advantageous than being reactive. Advocating for the reduced purchases of cyber insurance is not the proper solution. Cyber insurance is valuable, and where business owners make mistakes is where they place their priority. Rather than seeking the most desirable cyber insurance, business owners should place greater emphasis on strengthening network security and attaining adequate IT knowledge. A safer network reduces the probability of a breach, and not having a network compromise means your insurance will not have to pay a ransom. As a result, the cyber insurance you have purchased would not be producing an unintentional growth effect on the ransomware criminal business model.
Click here if you would like to read the rest of the story – The Biggest Beneficiaries of the Bitcoin Ransomware Boom are Not Hackers
If you have concerns, or need help, please reach out to Alvaka Networks day or night. We operate 24x7x365 with all US based personnel.
Smoke testing is a term used to describe the testing process for servers after patches are applied. 
Estimating an average time for patching servers and PCs can be a bit tricky. It can vary from one month to the next, depending upon the number and complexity of the patches released by your software vendors. You must consider all versions of operating systems and have a complete inventory of all your application software to do this job correctly. Our experience has shown that manual patching of systems takes on average of about 1.5 hours each.
This is a basic cost calculator for you to compute your typical monthly cost for patching your servers, PCs, laptops, tablets and associated application software. It also forms the basis for you to begin calculating your Return on Investment for software patching, or for comparison with alternatives to the manual process of patching operating systems and application software—such as Patch Management as a Service, also known as Vulnerability Management as a Service.