By Alwyn Scott
NEW YORK, June 22 (Reuters) - Businesses worldwide are
fighting sophisticated data scientists as they battle to protect
their data-rich computers from cyber crime - and the costly
attacks are not going to stop, a top expert at insurer Sompo
Holdings Inc said on Tuesday.
"It's like the Terminator: They're just going to keep coming
at you" because it is profitable, Brad Gow, global cyber product
leader at Sompo International, said on a panel at the Reuters
Future of Insurance USA conference, referring to the dystopian
movies.
Criminals are "extracting hundreds of millions from Western
insurance companies and other Western companies," he said. "I
don't see that relenting until the money flow stops."
For a video, click https://vimeo.com/566178073/fe01fdb338
Companies are facing more attacks and the cost of each is
rising. Ransomware criminals charged about $350 per attack in
2017 and 2018 and targeted companies with revenue up to about $1
billion, Gow said. Now they target bigger firms and "we're
seeing demands of $30, $40, $50 million with some regularity,"
Gow said. "It has really shocked the insurance market."
Beyond ransom, costs include computer network and data
restoration, business interruption and liability, said Meredith
Schnur, U.S. & Canada cyber brokerage leader at Marsh USA Inc, a
unit of Marsh & McLennan Companies Inc.
Some companies are finding insurers are unable to write
coverage, Schnur said, meaning this is a "hard market" - a term
she resisted using until this year.
In response, companies are strengthening defenses, and
insurers are raising the cost of coverage, trends expected to
continue. Companies also want data on how each protective
control will help, and by how much, Schnur said.
"We can't stop these things from happening," she said. "We
can be more prepared."
Success is driving cyber crime, along with "outsourcing" of
hacking technology. Sophisticated groups write powerful hacking
tools, then sell "ransomware kits" or "software as a service,"
enabling small criminal gangs to launch attacks.
"It might be that one guy, the rogue guy in the apartment,"
said Allyn Lynd, managing principal at Lodestone, a cyber
security unit of insurer Beazley Plc, who spent more
than two decades at the FBI.
Companies that pay ransom risk violating the U.S. ban on
funding terrorist groups, but at the moment, FBI agents "are not
going to come back a second time and victimize the
organization," Lynd said.
For more on the Reuters Future of Insurance USA 2021
conference please click here https://reutersevents.com/events/connectedusa/.
(Reporting by Alwyn Scott; Editing by Lisa Shumaker)