
Are we kicking the can down the road with ransomware payments?

by Andrew Taylor
September 1, 2022
Photo by David McBee from Pexels: https://www.pexels.com/photo/round-silver-and-gold-coins-730564/

The first known cyber extortion attack dates back to 1989, a decade before the invention of bitcoin. It targeted the healthcare industry: AIDS researchers fell prey to a social engineering tactic involving a Trojan virus on 20,000 floppy disks, which were distributed to them at the World Health Organisation AIDS conference.

With data now perceived as more valuable than oil and possibly human lives, were criminals quick to see through human frailty as an easy gateway to data? Or was being “Rick-rolled” in the late 2000s the light bulb moment for cyber criminals?

The turn of the decade saw a spike in cyber hacking that even led to the shutdown of national healthcare systems, endangering lives for the sake of illegal money-making.

The growing use of bitcoin and other cryptocurrencies has further emboldened these criminal activities. Ransomware has proliferated and has become a substantial drain on business resources. 

With the pandemic-induced spike in the use of digital platforms, it is no surprise that the incidence of ransomware has been on a steep incline both globally and in Singapore. According to Sophos’ State of Ransomware 2022 report, 65% of Singaporean organisations surveyed were hit with ransomware in 2021, up from 25% in 2020.

To make matters worse, the average ransom paid by organisations in Singapore that had data encrypted in their most significant ransomware attack increased more than sixfold, from US$187,500 in 2020 to US$1.16 million in 2021.

Regulators have preached “never pay the ransom” to ransomware victims, and some have legislated a ban on paying ransom in any circumstance. That said, this may not have driven home to enterprises and our society at large the implications of this faceless crime. Does stopping ransomware payment just boil down to regulations?

Does it pay to pay?

The issue of paying the ransom to recover your files, especially customer and employee data, and proprietary information presents a moral dilemma for many.

The ransom could be used to fund terrorism and perpetuate other criminal activities, and paying up does not guarantee that your data will be decrypted or will not be published by the threat actors. Ironically, those who pay up may suffer repeated attacks as it reinforces the perception that they are a “soft” target.

According to Cybereason’s 2022 study on ransomware’s true cost to business, 80% of organisations were hit by ransomware again after paying up. 68% reported that the second attack, with a higher ransom demand, took place less than a month later.

Source: Cybereason 2022

Organisations covered under a comprehensive cyber insurance policy could seek reimbursement for the costs associated with rectifying the network disruption caused by the malware. The decision to pay any ransom payment would rest with the insured.

For the insurer, reimbursing these funds to stop a cyber extortion event is a double-edged sword. While it could reduce the overall financial losses and the cost of an insurance claim, it also brings up moral and ethical issues where the reimbursement is seen to be directly and indirectly funding illegal activities by the perpetrators. Such reimbursements could therefore trigger regulatory concerns and would require a sensible review from the insurers. 

Targeting the insured

For many of these affected companies, paying these hefty sums is seen as the only way to protect their business. Even if they have data backed up elsewhere, they may feel obliged to give in to the hackers’ demands to prevent confidential information from being exposed. 

The same Sophos study found that 48% of the organisations that had data encrypted paid the ransom to get their data back, even if they had other means of data recovery, such as backups.

Bad actors are now using a form of “double extortion” where data is taken out and the system is locked up; so even if data is backed up elsewhere, companies are incentivised to pay. They are also getting smarter, searching for those who are insured to demand a higher payout.

Building on the same methodology as double extortion, the hackers have recently added another layer to ransomware attacks – “triple extortion” – in which they attack or extort from a victim’s clients and even suppliers.

The ethical dilemma of paying the piper

While paying the piper may seem like the path of least resistance for nearly half of the affected organisations, acting for the greater public good by deterring criminal activities remains the moral imperative for businesses.

Businesses and insurers can also face substantial reputational risks from fuelling the ransomware business with the payment and reimbursement of ransoms respectively.

Some insurers have taken a hard stance against reimbursing ransomware payments. Over at MSIG, we believe that the payment of ransomware does not sit within our broader mission of developing a sustainable and vibrant society, and we do not encourage our policyholders to succumb to cyber extortion.

Regulators need to send a strong message

On the regulatory front, legislators could double down on the repercussions of paying ransomware and consider tightening laws against paying cyber extortion ransoms.

While it is not illegal to pay ransoms in Singapore, authorities generally do not recommend that victims of ransomware pay the threat actors. This is because the payment does not guarantee that the perpetrators would provide decryption and may even increase the likelihood of more ransomware attacks.

Ransomware attacks are unfortunately not going away and are only becoming more common. The need for a more effective response to these threats is no longer a priority for businesses alone. Our society at large needs better defences against these criminals before the cyber threat turns into far-reaching systemic problems. Rather than kicking the can down the road, the public and private spheres should work together to navigate the ransom payment dilemma and the conflict of values.

Andrew Taylor

As Senior Vice President and Head of Financial Lines (Asia) at MSIG Insurance, Andrew Taylor is charged with strengthening the company's financial lines capabilities to meet the growing needs of clients in Asia. Based in Singapore while collaborating with the markets, Andrew has a dual reporting line to Mack Eng, CEO of MSIG Singapore, and Philip Kent, CEO of MSIG Hong Kong. He is responsible for the general insurer’s profitable growth of the business within the region including the growth markets, leveraging on MSIG’s established distribution channels. Andrew has over 20 years of international experience in the general insurance industry, spanning London, Australia and across Asia, where he is recognized as a pioneer in the Cyber Insurance space. Besides Cyber Insurance, he also specialises in Professional Indemnity and Technology E&O classes within the Financial Lines.
