Insurance giant AXA has said that it is no longer writing cyberinsurance policies in France that cover ransom payments to extortionists.
AXA’s decision, which appears to be a first for the cyberinsurance industry, will still it still reimburse companies for the cost of responding and recovering from a ransomware attack – but will not cover the often significant sums of cryptocurrency demanded by criminal gangs after they have compromised a network, and encrypted or stolen data.
In addition, it will not affect existing policies that companies may have with the insurer.
Interestingly, AXA has only made the decision to stop writing policies that cover ransomware payments in France – and not the rest of the world.
France, which is estimated to have lost more than $5.5 billion to ransomware last year, is believed to be second only to the United States in terms of the financial damage caused by cybercriminal extortionists.
The issue of “to pay or not to pay” has become a controversial one.
Ciaran Martin, former head of the UK’s National Cyber Security Centre (NCSC) and now a professor at Oxford University, believes that insurers are “funding organised crime” by accepting ransomware claims.
Marcus Willett, who works at the International Institute for Strategic Studies (IISS) but used to have a senior role at GCHQ, argues in a recently published article that payments fund criminal organisations and only make ransomware attacks more likely.
However, paying a ransom can get your company out of a sticky situation. If your extortionists keep their word you will receive ..
Support the originator by clicking the read the rest link below.
