Insurers face new ransomware threats

The insurance industry faces new ransomware tactics, the fallout from the war in Ukraine and threats created by unprecedented nation state activity in cyberspace, according to new report from cyber analytics company CyberCube.

According to CyberCube’s H2 2022 Global Threat Briefing, ransomware continues to be largely responsible for the insurable cyber losses experienced by companies.

William Altman, CyberCube’s principal cyber security consultant, said: “Ransomware gangs are currently targeting lower-profile critical infrastructure operations and small and medium-sized businesses (SMBs) in healthcare, agriculture, and food supply chains.”

“Businesses in these industries are among those who can least afford the downtime associated with ransomware and extortion attacks, and often lack resources for effective cyber security in the face of well-resourced and determined attackers.”

The report also analyses cyber activity following the Russian invasion of Ukraine, noting that since February, both sides have been amassing cyber armies and hacktivists have pooled their efforts to attack Russia. 

Indeed, it points out that there are currently more than 70 different cyber threat actors related to the war in Ukraine – double the number identified at the beginning of March. The research also examines the use of wiper-malware attacks spreading globally, erasing hard drives and severely damaging devices it encounters.

Lea Hricikova, cyber security consultant at CyberCube added: “Russia has normalised the use of wiper malware in its attacks on targets in Ukraine, pushing the boundaries of acceptable behaviour in cyberspace beyond historic norms.  Prior to 2022, the most notable use of wiper malware on the world stage was NotPetya (2017). Five years later, this attack type is proliferating. Wiper malware has been used previously in a targeted way in Ukraine, but the audacity and sophistication of these threats should not be underestimated.”