Ransomware developers and affiliates have been telling victims they must pay the ransom or stolen data and internal company secrets will be publicly released. Unfortunately, not everyone has been a believer. Six and seven-figure demands have become routine among ransomware attacks with the average ransom payment in quarter two of 2020 reaching $178,254, a 60% leap from the $111,605 average in quarter one according to the Coveware Quarterly Ransomware Report. 
“Credit unions need to be looking out for ransomware techniques. These cyber attacks have no boundaries and are truly a global issue,” reports Carlos Molina, Senior Risk Consultant at CUNA Mutual Group. “Ransomware has grown in frequency and severity significantly. The average ransom payments have climbed exponentially in the last few years.”
Ransomware payments in 2019 were three times as large as 2018 payments and four times as many extortion demands were paid in 2019 versus 2018, according to incidents reported to Beazley. In fact, ransomware claims increased 239% and the total cost of ransomware payments has increased by 228% from 2018 to 2019. 
According to Derek Laczniak, Director of Cyber Liability at M3 Insurance, “Ransomware developers threatened to release stolen data in the past. However, now with the actual release of confidential information, credit unions need to treat these attacks more like data breaches. Business interruption from these events has become a regular occurrence leaving both reputational and financial impacts.”
How does Ransomware work?
Ransomware is a malicious software that restricts access to an infected machine, usually by systematically encrypting files on the system’s hard drive. Then the cyber-criminal demands payment of a ransom in exchange for the key or keys to decrypt the data. Ransomware can be devastating.
The most identified infection points used to deploy ransomware:
There has also been a significant increase in criminals who purchase ransomware kits on the dark web, launch attacks in the hope of getting some payment, and care little about the data restoration experience of their victims.
“Ransomware code on a reseller distribution network is a very lucrative business for cybercriminals. The availability of free, do-it-yourself ransomware-as-a-service (RaaS) kits, and cheap attack ingredients has pushed the barrier to entry extremely low and deep technical expertise is no longer really needed.” according to M3’s Laczniak. “It is also possible that the increase of RaaS usage is related to the economic impact of the pandemic driving more financially-stressed individuals towards a career in cybercrime.”
“There’s no foolproof way of preventing ransomware attacks from occurring; however, all too often ransomware can be avoided with the right IT security and risk management procedures,” adds Molina. “Proactive prevention is the most effective for credit unions.”
Key Prevention Tips
Security experts are reporting a potential increase in ransomware attacks for the foreseeable future. Molina emphasizes, “As ransomware tools and deployment methods advance, criminal groups will continue to launch more targeted attack campaigns resulting in increased paid ransom demands and more negative impact to credit unions’ reputation and bottom-line.”
Need More Info?
To learn more about ransomware, cyber risks, and insurance, go to the Protection Resource Center at cunamutual.com/prc for additional resources and RISK Alerts or contact a Risk Consultant at 800.637.2676 or email@example.com.
Beazley cyber insurance policyholders can also access additional resources at www.beazleybreachsolutions.com (User ID / Password required). In addition, Beazley offers many loss mitigation services at a discount for credit unions.
CUNA Mutual Group is the marketing name for CUNA Mutual Holding Company, a mutual insurance holding company, its subsidiaries and affiliates. Insurance products offered to financial institutions and their affiliates are underwritten by CUMIS Insurance Society, Inc. or CUMIS Specialty Insurance Company, members of the CUNA Mutual Group. Some coverages may not be available in all states. If a coverage is not available from one of our member companies, CUNA Mutual Insurance Agency, Inc., our insurance producer affiliate, may assist us in placing coverage with other insurance carriers in order to serve our customers’ needs. CUMIS Specialty Insurance Company, our excess and surplus lines carrier, underwrites coverages that are not available in the admitted market. Cyber policies are underwritten by Beazley Insurance Group or other nonaffiliated admitted carriers. © CUNA Mutual Group, 2021. All rights reserved. CUPRM-3364141.1-1220-0123
The Pulse is MnCUN's newsletter that keeps credit union professionals and board members updated on current news and information.