Finder is committed to editorial independence. While we receive compensation when you click links to partners, they do not influence our opinions or reviews. Learn how we make money.
Compare ransomware insurance
Get coverage to recover important company data held hostage by a cyber attack.
Despite the many business opportunities the Internet creates, the digital world also leads to a new breed of threats called ransomware. A form of cyber extortion, ransomware involves attackers getting a hold of your business’s most important and confidential documents. Cyber insurance can help you retrieve your information, but some say the coverage only fuels future ransomware attacks.
What is ransomware?
Ransomware is a cyber attack that involves attackers blocking access to a computer system and its files until they receive a payment. To gain access, attackers may trick users into clicking a link or downloading a malicious file through email or messaging.
How does ransomware work?
Once the software is installed, it can lock or encrypt all the files on your computer. Hackers then demand a ransom if you want to access your files again.
To make matters worse, there’s no guarantee you’ll get your files back even if you do pay the ransom. And once your files have been compromised, any private or confidential info could still be sold or distributed by the hackers.
Compare insurance for ransomware
Does insurance covers ransomware attacks?
Cyber liability insurance protects your business from the unexpected costs of a ransomware attack. Some policies also help with monitoring for cyberattacks and notifying customers and other people affected.
Along with ransomware, cyber insurance also covers other attacks like social engineering, hacked websites or malicious botnets.
What expenses does cyber insurance cover?
Your insurance policy may pay expenses to recover your business’s sensitive information. Those expenses include:
- Cyber professionals who can guide you through negotiations and recovery from the attack
- Information recovery and the expenses related to recovering documents or files
- Computer system repairs for broken computer systems and cybersecurity
- Financial demands from the attacker to regain your business’s important information
- Media consultants to restore your business’s public image
What types of ransomware attacks does insurance cover?
You’ll find a few basic attacks in circulation that cyber insurance can help with:
- Locker ransomware locks the entire computer system and demands payment to unlock it.
- Crypto ransomware encrypts the files on an infected computer and demands payment to decrypt them.
- Selling key information to other attackers whether or not they release that information back to you.
- Stolen money from your business’s bank account could occur if the attacker steals key information to access accounts.
- Stolen customer information like a customer’s financial or personal details can be sold or used to steal money.
How do ransomware attackers use cryptocurrency?
Unlike past attacks that focus on traditional currency, today’s hackers may request Bitcoin or another cryptocurrency. This decentralized digital currency allows people all over the world to buy goods and services anonymously. Because no names or addresses are attached, cybercriminals can make cryptocurrency transactions without tracing their location or identity.
What to do after a ransomware attack
If your company suffers from a ransomware attack, follow these steps to secure your computer systems and report the attack:
- Disconnect your computer from any networks. You might also turn it off to disengage access until professionals can restore the system.
- Notify your IT department. Your cybersecurity professionals can advise you on how to get your system back up and running.
- Report the attack to law enforcement. You should report the ransomware attack to your local police and the FBI Crime Complaint Center. You may need to contact other organizations if personal information was stolen.
- Notify affected individuals. You’ll want to make your employees and all affected individuals aware of the attack.
- Update your cybersecurity. Look for weaknesses and upgrade your systems to prevent future attacks.
The big debate: Should I pay the ransom?
The National Association of Insurance Commissioners (NAIC) warns people not to pay the ransom for several reasons. You have no guarantee that paying will ensure your data’s recovery in its original state. Attackers may unblock part of your files and then demand further payment. Or they may sell that information to other attackers after restoring it to you.
Whether to pay the ransom for a cyberattack is a hot debate among cybersecurity professionals. Some news reports suggest paying the ransom could lower the cost of restoring important data. Other reports say the attackers’ success could fuel them to attack other businesses. The final decision may rest in your business’s insurance coverage and your ability to absorb recovery costs.
How to prevent a ransomware attack
Preventing ransomware attacks will keep your business safer than searching for a cure after the fact. Take a few steps to protect your business against this cyber risk.
- Update your operating systems and networks regularly.
- Back up all your important files and data to external devices.
- Use strong passwords and two-factor authentication.
- Install antivirus and anti-malware on all devices.
- Avoid clicking links or downloading files from email or social media messages.
- Avoid giving out personal information over the computer, even to trusted coworkers.
- Look for cybersecurity weaknesses and review your company’s plan regularly.
Bottom line
Ransomware attacks can cause detriment to your business as you shoulder the costs of recovering important data and files. By choosing a businesss insurance policy tailored to your business, you can find peace of mind with protection against the financial damage a ransomware attack can cause.
Frequently asked questions about ransomware insurance
Ask an Expert