30th Floor, North Tower, Beijing Kerry Centre, 1 Guanghua Road, Chaoyang District, Beijing, 100020
+86 10 8519 0011
50th Floor, Central Plaza, 18 Harbour Road, Wan Chai, Hong Kong
+852 2521 5621
Room 4605, Park Place, 1601 Nanjing West Road, Jing An District, Shanghai, 200040
+8621 6321 1166
Suite 2405, 24/F, SCIA Tower, Qianhai Shenzhen-Hong Kong Modern Service Industry Cooperation Zone of Shenzhen, Shenzhen, 518000
+86 755 6123 5666
Select your language
Please accept the geolocation request appearing in your browser
Find other officesOUT-LAW NEWS 2 min. read
07 Dec 2021, 4:02 pm
Stuart Davey of Pinsent Masons was commenting after Pinsent Masons published its annual cyber report, which highlights the growing number of ransomware cases impacting businesses.
Stuart Davey
Partner
The uptick in ransomware attacks, and likelihood of their continued prevalence, serve as a stark reminder of the need for organisations to get cyber-ready
Ransomware is an increasingly prevalent form of cyber attack. It involves hackers installing malicious software on to computer systems to prevent organisations carrying out everyday operations or accessing data or other assets. Organisations are then prompted to make a payment to the hackers to bring about an end to the attack.
According to Pinsent Masons’ report, ransomware incidents accounted for 31% of the cyber team’s caseload over the past 12 months, up from 16% in 2020. This growth is consistent with a rise in ransomware-related incidents identified by both the UK’s National Cyber Security Centre (NCSC) and Information Commissioner’s Office (ICO).
In its recent annual review, the NCSC said there were three times as many ransomware attacks in the first quarter of 2021 than in the whole of 2019, while the ICO said at its data practitioner’s conference in May that the number of data breach cases linked to ransomware attacks reported to it had jumped from 13 per month to 42 per month over the course of the previous 12 months.
The amount of ransom demanded by cyber criminals varies from case to case. In Pinsent Masons’ experience, ransom amounts demand commonly ranged between $30,000 and $250,000 but Davey said that the cyber team had been engaged in one case in the last year where attackers had placed a $9.5 million ransom on unlocking access to systems and data.
“The current threat of ransomware attacks is not going away any time soon,” said Davey. “Organisations will find themselves – out of nowhere – thrust into the complex world of managing a business threatening ransom attack. In all cases serious consideration needs to be given not only to the commercial and criminal risk factors in whether or not to pay a ransom and/or engage with the attacker but also, on whether or not there is a duty to report to organisations such as the ICO, other supervisory and regulatory authorities and/or the police, notify the stock market, as well as the data subjects themselves.”
“The uptick in ransomware attacks, and likelihood of their continued prevalence, serve as a stark reminder of the need for organisations to get cyber-ready and have rehearsed response and recovery plans in place for when an attack inevitably happens. Ultimately, it may well be that governments, policy makers or the insurance industry may step in with measures which go some way to breaking the cyber criminals’ business model,” Davey said.
Recent data from insurance group Marsh (20-page/4.99MB PDF) suggested the rising number of ransomware attacks is driving an increase in cyber insurance pricing. The overwhelming majority of companies renewing cyber insurance had experienced an increase in premiums in the first half of 2021, and in the first quarter, pricing rose on average by 29%.
In the Netherlands, the Dutch government is reportedly considering banning insurance companies from paying ransom payments to hackers, in a bid to take away the financial incentive for criminals engaged in ransomware and other hacking attacks. AXA announced earlier this year that it would no longer reimburse cyber insurance policyholders in France if they choose to pay ransom demands to cyber criminals.
In a report published earlier this year, the US-based Ransomware Task Force – a body bringing together software companies, government agencies, cybersecurity suppliers, financial services companies, non-profits and academic institutions – characterised ransomware as “a global challenge” that no single entity alone can address. It set out 48 recommendations for government agencies and individual organisations to address the problem of ransomware attacks.
The Task Force recommended, among other things, that a global strategy for combatting ransomware be developed, and that an international framework to help businesses prepare for, and respond to, ransomware attacks also be established. It further backed increased regulation of the use of cryptoassets – which cyber criminals typically favour for payment due to their ability to transact anonymously and dissipate assets quickly on the blockchain.
According to the Task Force, ransomware attacks should become “an investigation and prosecution priority”, and it further identified the need for legal clarification over the security measures businesses can legitimately take to fight off attackers.
An entire chapter of the Task Force’s report was also committed to recommendations aimed at helping individual businesses better prepare for ransomware attacks, with measures endorsed including mapping organisational security processes and controls to existing popular cybersecurity frameworks; undertaking ransomware-specific risk assessments, and; leveraging contractual terms to hold managed service providers and IT suppliers accountable in respect of their cybersecurity measures.
Contact an adviser
Stay ahead by signing up to our weekly email of news and expert analysis, tailored for you
Data, privacy & cyber
Valid email address
Thanks, we have sent an email to
Please check your inbox to confirm your subscription. The confirmation email may take up to 15 minutes to arrive.
• Check your spam or junk folder
• Ensure your email address was entered correctly.
• You can amend your details and resubmit if required
• If the email has still not arrived, please contact us for assistance
OUT-LAW NEWS
A recent decision by the Court of Appeal in England & Wales highlights that judicial remedies cannot be used to unwind or amend regulated mortgages, an expert has said.
OUT-LAW NEWS
Businesses in Germany face increased risks of mass claims being raised against them if personal data they are responsible for is made available for sale on the ‘dark web’, experts have said following a ruling by the country’s highest court.
OUT-LAW NEWS
The Society of Construction Law (Singapore) rolled out a protocol for using experts’ joint statements.
We use cookies that are essential for our site to work. To improve our site, we would like to use additional cookies to help us understand how visitors use it, measure traffic to our site from social media platforms and to personalise your experience. Some of the cookies that we use are provided by third parties. To accept all cookies click ‘accept all’. To reject all optional cookies click ‘reject all’. To choose which optional cookies to allow click ‘cookie settings’. This tool uses a cookie to remember your choices.
Please visit our cookie policy for more information.
