Gallagher Bassett exec weighs in on ransomware and other cyber risks

cybersecurity-hack-data-breach-cloud

While death and taxes are two inevitable events in life, a cyberattack of some sort is fast becoming a third that many individuals seem destined to experience, especially if they own or work in a business.

In an upcoming podcast, Christa Johnson, team lead – cyber at Gallagher Bassett, shares that ransomware is still on the rise. "So, we are definitely seeing an increase in ransomware claims right now, especially since 2022. A lot of people attributed the slowdown back then to the Russia-Ukraine war, and there was some government intervention that improved the landscape," she explains.

Interestingly, Johnson finds that while she is seeing more claims, the type of damage resulting from the ransomware attacks is changing as data becomes even more of a focus for threat actors.

As companies become prioritize training, backing up data and updating systems, there are still holes and vulnerabilities that can be exploited. Johnson says it's not a matter of "if" a company will be compromised, but "when."

Among some of the more likely targets of threat actors are professional services firms like accountants or attorneys, but the healthcare industry is also a prime focus. "There's so much sensitive data and it's worth more," shares Johnson. "And education, finance, we're also seeing an uptick in what's called ransomware as a service. So, you have one affiliate that develops the malware and then they allow other affiliates to use it, and the originating group gets part of the ransom. So, some of these are easy to send out, and so they're doing more frequent attacks with lower demands. Some of these entities are pretty picky about who can use their malware and those result in larger demands, larger ransoms, and they're just more sophisticated software."

Johnson also talks about the importance of continuously training staff, maintaining backups, issues surrounding CEO fraud, and the value of cyber hygiene. The podcast can be found here.

For reprint and licensing requests for this article, click here.
Cyber security Cyber attacks Insurance technology
MORE FROM DIGITAL INSURANCE