General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsThe Extortion Economy: How Insurance Companies Are Fueling a Rise in Ransomware Attacks
Even when public agencies and companies hit by ransomware could recover their files on their own, insurers prefer to pay the ransom. Why? The attacks are good for business.
by Renee Dudley Aug. 27, 5 a.m. EDT
On June 24, the mayor and council of Lake City, Florida, gathered in an emergency session to decide how to resolve a ransomware attack that had locked the citys computer files for the preceding fortnight. Following the Pledge of Allegiance, Mayor Stephen Witt led an invocation. Our heavenly father, Witt said, we ask for your guidance today, that we do whats best for our city and our community.
Witt and the council members also sought guidance from City Manager Joseph Helfenberger. He recommended that the city allow its cyber insurer, Beazley, an underwriter at Lloyds of London, to pay the ransom of 42 bitcoin, then worth about $460,000. Lake City, which was covered for ransomware under its cyber-insurance policy, would only be responsible for a $10,000 deductible. In exchange for the ransom, the hacker would provide a key to unlock the files.
If this process works, it would save the city substantially in both time and money, Helfenberger told them.
Without asking questions or deliberating, the mayor and the council unanimously approved paying the ransom. The six-figure payment, one of several that U.S. cities have handed over to hackers in recent months to retrieve files, made national headlines.
https://www.propublica.org/article/the-extortion-economy-how-insurance-companies-are-fueling-a-rise-in-ransomware-attacks?utm_source=pocket-newtab
-snip-
On June 25, the day after the council meeting, the city said in a press release that while its backup recovery efforts were initially successful, many systems were determined to be unrecoverable. Lake City fronted the ransom amount to Coveware, which converted the money to bitcoin, paid the attackers and received a fee for its services. The Florida League of Cities reimbursed the city, Roberts said.
Lee acknowledged that paying ransoms spurs more ransomware attacks. But as cyber insurance becomes ubiquitous, he said, he trusts the industrys judgment.
The insurer is the one who is going to get hit with most of this if it continues, he said. And if theyre the ones deciding its still better to pay out, knowing that means theyre more likely to have to do it again if they still find that its the financially correct decision its kind of hard to argue with them because they know the cost-benefit of that. I have a hard time saying its the right decision, but maybe it makes sense with a certain perspective.
msongs
(67,405 posts)turbinetree
(24,695 posts)and then they paid...................................
Time to go back to pen and paper...................
keithbvadu2
(36,799 posts)Wonder what the record of honoring the ransom(s) is?
Any instances of paying but not getting results?
That greatly reduces the credibility of paying the ransom.