Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

Consumer ransomware insurance? You could be painting a target on us all for avaricious crims

D'ya hear that, cybercrooks? $50k up for grabs.

Fire, theft, flood – and now cyber attack. Customers of a Californian biz offering payouts of up to $50,000 in case your cat videos get Wannacry’d but experts worry it could make the problem worse.

Los Angeles-based firm Mercury Insurance reportedly began offering “cyber protection coverage” to its retail customers in the USA earlier this month.

“Homeowners and renters have enjoyed the added convenience provided by computers, tablets and smartphones, but these devices create new opportunities for cybercriminals to infiltrate your home,” the firm’s Jane Li informed the Orange County Register (no relation to Vulture Central).

Thus, should your stock of cat videos and unpublishable memes become subject to a ransomware attack, you can make a claim for the cost of the ransom. On top of that, you can also get hold of “professional assistance from cyber extortion experts”, which we hope isn’t like the sort of “help” coming from Red Mosquito that we covered previously. With an excess of $500 on an annual premium of just $30, and cover within and without the home, it seems like a reasonably good deal on the face of it.

“An example of a cyber-attack claim is if you receive a ransom demand on a computer after noticing your files are locked,” Li told the OCR. “The demand states that you need to pay $2,000. Mercury will review the claim and if credible, cover the insured’s loss.”

But what about unintended consequences

Brett Callow of antivirus biz Emsisoft opined that while “ransomware attacks against home users have been in steady decline” because businesses are more lucrative targets, “if policies such as this become popular, it could change that dynamic.”

“In the past, threats actors would’ve had a near-zero chance of getting a $50k ransom from a home user to unlock their collection of cat memes, but an insured victim could be willing and able to pay,” warned Callow. “And, of course, home users likely make for softer targets than businesses, making them an even more attractive target.”

Jason Nurse, a cybersecurity boffin from the University of Kent, was skeptical about whether the product would trigger increased attention and large payouts by insurers.

finger

Massachusetts city tells ransomware scumbags to RYUK off, our IT staff will handle this easily

READ MORE

“£50k is quite substantial for an average consumer ransomware attack, and would almost certainly – depending on the wealth of the individual – result in no payment,” he told us.

“Cybercriminals that target consumers via ransomware are more interested in making ‘some’ money from large amounts of people rather than hoping that they will make £50k from a single person/home. This may well change in the future – say in 5-10 years – when entire homes/cars are connected (the smart home/city dream) and a ransomware attack locking down an entire home becomes much more impactful.”

While cynical minds might think that offering a clearly defined $50,000 limit on payouts might trigger ransomware crooks into upping their ransom demands to, say, $50,000 a pop, and encourage them to target ordinary consumers instead of businesses, for now we might get lucky.

For now. ®

Similar topics

Similar topics

Similar topics

TIP US OFF

Send us news


Other stories you might like