Despite the many business opportunities the Internet creates, the digital world also leads to a new breed of threats called ransomware. A form of cyber extortion, ransomware involves attackers getting a hold of your business’s most important and confidential documents. Cyber insurance can help you retrieve your information, but some say the coverage only fuels future ransomware attacks.
What is ransomware?
Ransomware is a cyber attack that involves attackers blocking access to a computer system and its files until they receive a payment. To gain access, attackers may trick users into clicking a link or downloading a malicious file through email or messaging.
How does ransomware work?
Once the software is installed, it can lock or encrypt all the files on your computer. Hackers then demand a ransom if you want to access your files again.
To make matters worse, there’s no guarantee you’ll get your files back even if you do pay the ransom. And once your files have been compromised, any private or confidential info could still be sold or distributed by the hackers.
Our top pick: CoverWallet
Compare multiple quotes for business insurance to find the cheapest rates from this online commercial insurance broker.
Compare quotes from multiple companies in minutes
Easily contact a personal adviser by phone, email or chat
Find industry-specific options like trailer interchange or loading coverage
Cyber liability insurance protects your business from the unexpected costs of a ransomware attack. Some policies also help with monitoring for cyberattacks and notifying customers and other people affected.
Along with ransomware, cyber insurance also covers other attacks like social engineering, hacked websites or malicious botnets.
What expenses does cyber insurance cover?
Your insurance policy may pay expenses to recover your business’s sensitive information. Those expenses include:
Cyber professionals who can guide you through negotiations and recovery from the attack
Information recovery and the expenses related to recovering documents or files
Computer system repairs for broken computer systems and cybersecurity
Financial demands from the attacker to regain your business’s important information
Media consultants to restore your business’s public image
What types of ransomware attacks does insurance cover?
You’ll find a few basic attacks in circulation that cyber insurance can help with:
Locker ransomware locks the entire computer system and demands payment to unlock it.
Crypto ransomware encrypts the files on an infected computer and demands payment to decrypt them.
Selling key information to other attackers whether or not they release that information back to you.
Stolen money from your business’s bank account could occur if the attacker steals key information to access accounts.
Stolen customer information like a customer’s financial or personal details can be sold or used to steal money.
How do ransomware attackers use cryptocurrency?
Unlike past attacks that focus on traditional currency, today’s hackers may request Bitcoin or another cryptocurrency. This decentralized digital currency allows people all over the world to buy goods and services anonymously. Because no names or addresses are attached, cybercriminals can make cryptocurrency transactions without tracing their location or identity.
What to do after a ransomware attack
If your company suffers from a ransomware attack, follow these steps to secure your computer systems and report the attack:
Disconnect your computer from any networks. You might also turn it off to disengage access until professionals can restore the system.
Notify your IT department. Your cybersecurity professionals can advise you on how to get your system back up and running.
Report the attack to law enforcement. You should report the ransomware attack to your local police and the FBI Crime Complaint Center. You may need to contact other organizations if personal information was stolen.
Notify affected individuals. You’ll want to make your employees and all affected individuals aware of the attack.
Update your cybersecurity. Look for weaknesses and upgrade your systems to prevent future attacks.
The big debate: Should I pay the ransom?
The National Association of Insurance Commissioners (NAIC) warns people not to pay the ransom for several reasons. You have no guarantee that paying will ensure your data’s recovery in its original state. Attackers may unblock part of your files and then demand further payment. Or they may sell that information to other attackers after restoring it to you.
Whether to pay the ransom for a cyberattack is a hot debate among cybersecurity professionals. Some news reports suggest paying the ransom could lower the cost of restoring important data. Other reports say the attackers’ success could fuel them to attack other businesses. The final decision may rest in your business’s insurance coverage and your ability to absorb recovery costs.
How to prevent a ransomware attack
Preventing ransomware attacks will keep your business safer than searching for a cure after the fact. Take a few steps to protect your business against this cyber risk.
Update your operating systems and networks regularly.
Back up all your important files and data to external devices.
Use strong passwords and two-factor authentication.
Install antivirus and anti-malware on all devices.
Avoid clicking links or downloading files from email or social media messages.
Avoid giving out personal information over the computer, even to trusted coworkers.
Look for cybersecurity weaknesses and review your company’s plan regularly.
Compare insurance for ransomware
Ransomware attacks can cause detriment to your business as you shoulder the costs of recovering important data and files. By choosing a businesss insurance policy tailored to your business, you can find peace of mind with protection against the financial damage a ransomware attack can cause.
Frequently asked questions about ransomware insurance
You can report a cyber insurance claim using your insurance company’s online system, claims service phone number or email. Some companies will have specialized phone support because of the pressing nature of cyber claims. You might find this contact information in a separate cyber claims section of your company’s website.
No, commercial property policies are designed to protect your business’s physical property, not data or intellectual property.
Some policies include cyber extortion through ransomware in their kidnap and ransom policies or offer it as an add-on. However, kidnap and ransom insurance focuses on physical kidnappings and the criminal’s demands. This coverage may not offer as robust coverage for cybercrimes as cyber insurance.
Tim Falk is a freelance writer for Finder, writing across a diverse range of topics. Over the course of his 15-year writing career, Tim has reported on everything from travel and personal finance to pets and TV soap operas. When he’s not staring at his computer, you can usually find him exploring the great outdoors.
How likely would you be to recommend finder to a friend or colleague?
Very UnlikelyExtremely Likely
Thank you for your feedback.
Our goal is to create the best possible product, and your thoughts, ideas and suggestions play a major role in helping us identify opportunities to improve.
finder.com is an independent comparison platform and information service that aims to provide you with the tools you need to make better decisions. While we are independent, the offers that appear on this site are from companies from which finder.com receives compensation. We may receive compensation from our partners for placement of their products or services. We may also receive compensation if you click on certain links posted on our site. While compensation arrangements may affect the order, position or placement of product information, it doesn't influence our assessment of those products. Please don't interpret the order in which products appear on our Site as any endorsement or recommendation from us. finder.com compares a wide range of products, providers and services but we don't provide information on all available products, providers or services. Please appreciate that there may be other options available to you than the products, providers or services covered by our service.