Following a series of sophisticated cyberattacks, such as WannaCry and NotPetya, AIG received a surge of cyber claims in 2017: The insurer saw as many claims notifications as the previous four years combined, RT reported.
“The combination of leaked National Security Agency (NSA) tools, plus state-sponsored capabilities, triggered a systemic event,” Mark Camillo, head of cyber for EMEA at AIG, said in a statement. “The WannaCry outbreak, which hit hundreds of thousands of machines around the world, could have been worse in terms of scale and insured losses if a U.K. researcher hadn’t quickly found and activated the kill switch.”
Furthermore, AIG found that more than a quarter – 26 percent – of cyber claims in 2017 cited ransomware as the primary cause of loss, compared to only 16 percent between 2013 and 2016. Additionally, AIG found that organizations are becoming more familiar with cyber insurance: “They understand more fully the scope of their cover and what incidents can and should be notified to their insurance carrier,” AIG said.
The news comes about a year after a major ransomware attack affected more than 200,000 computers in 150 countries across the globe. Targeting computers running the Microsoft Windows operating system, the malware encrypted users’ files and demanded payment in bitcoin equivalent to about $300 within 72 hours to regain access. If users didn’t pay within that time frame, the ransom would double. After a week, files were locked for good.
The incident, which notably affected major organizations like the British National Healthcare Service, Vodafone and Telefonica, was a bit odd as far as ransomware goes, said Andrew Douthwaite, CTO at cybersecurity company VirtualArmor.
“It is unusual for ransomware to have network worm capabilities,” Douthwaite has said. “However, it looks like this particular piece of ransomware was packaged in such a way as to take maximum advantage of this recent MS vulnerability allegedly discovered by the NSA.”