Ex White House CIO attacks insurance firms for 'fuelling ransomware industry'



goldeneye-ransomware-skullFormer CIO of the White House Theresa Payton has warned that cyber insurance companies are supporting the ransomware industry by manipulating organisations into paying to have their systems returned after a cyber attack.

Insurance companies, according to Payton, are encouraging customers to pay ransomware demands as the costs associated with data recovery often outweigh those incurred by the ransom, meaning insurance providers pay far less as a result.

"I'm increasingly frustrated at the trend where the insurance companies are encouraging the victims to pay," said Theresa Payton, former White House CIO and security authority.

"The insurance company looks at what the potential incident response and forensics bill might be and that's going to be bigger in many cases because many organisations are not prepared and they would actually rather pay," she said.

Speaking at CloudSec 2019 in London, Payton said she was recently approached by an organisation seeking advice on how to proceed after its insurance company attempted to handle the ransomware issue directly. In that case, the insurance firm said it was "experienced at negotiating with the ransomware syndicates" and that it could "get the price to go way down".

Payton's warning follows a report issued earlier this year that showed ransomware attacks on UK businesses soared 195% in 2019 following a reduction in 2018. ITPro in the UK has the full story:

https://www.itpro.co.uk/ransomware/34396/ex-white-house-cio-attacks-insurance-firms-for-fuelling-ransomware-industry


Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

RansIm-Monitor3Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 25 types of infection scenarios
  • Just download the install and run it 
  • Results in a few minutes!

Get RanSim!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/ransomware-simulator



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews