Security & Fraud

AIG: WannaCry, Data Breaches Made 2017 Worst Year Yet

Cybersecurity

Following a series of sophisticated cyberattacks, such as WannaCry and NotPetya, AIG received a surge of cyber claims in 2017: The insurer saw as many claims notifications as the previous four years combined, RT reported.

“The combination of leaked National Security Agency (NSA) tools, plus state-sponsored capabilities, triggered a systemic event,” Mark Camillo, head of cyber for EMEA at AIG, said in a statement. “The WannaCry outbreak, which hit hundreds of thousands of machines around the world, could have been worse in terms of scale and insured losses if a U.K. researcher hadn’t quickly found and activated the kill switch.”

Furthermore, AIG found that more than a quarter – 26 percent – of cyber claims in 2017 cited ransomware as the primary cause of loss, compared to only 16 percent between 2013 and 2016. Additionally, AIG found that organizations are becoming more familiar with cyber insurance: “They understand more fully the scope of their cover and what incidents can and should be notified to their insurance carrier,” AIG said.

The news comes about a year after a major ransomware attack affected more than 200,000 computers in 150 countries across the globe. Targeting computers running the Microsoft Windows operating system, the malware encrypted users’ files and demanded payment in bitcoin equivalent to about $300 within 72 hours to regain access. If users didn’t pay within that time frame, the ransom would double. After a week, files were locked for good.

The incident, which notably affected major organizations like the British National Healthcare Service, Vodafone and Telefonica, was a bit odd as far as ransomware goes, said Andrew Douthwaite, CTO at cybersecurity company VirtualArmor.

“It is unusual for ransomware to have network worm capabilities,” Douthwaite has said. “However, it looks like this particular piece of ransomware was packaged in such a way as to take maximum advantage of this recent MS vulnerability allegedly discovered by the NSA.”

——————————

PYMNTS LIVE ROUNDTABLE: TUESDAY, JULY 14, 2020 AT 12:00 PM (ET)

Digital transformation has been forcefully accelerated, but how does that agility translate into the fight against COVID-era attacks and sophisticated identity threats? As millions embrace online everything, preserving digital trust now falls mostly on banks and FIs. Now, advances in identity data and using different weights on the payment mix afford new opportunities to arm organizations and their customers against cyberthreats. From the latest in machine learning for fraud and risk, to corporate treasury teams working in new ways with new datasets, learn from experts how digital identity, together with advances like real-time payments, combine to engender trust and enrich relationships.

TRENDING RIGHT NOW