- Is Perplexity Pro worth the subscription? This free shipping perk just might convince me
- Perplexity AI's new shopping assistant is ready to tackle your holiday gift list
- One of the best QLED TVs I've tested isn't made by Samsung or LG (and up to $2,000 off)
- I can't recommend this rugged power station enough to drone users - and it's $340 off for Black Friday
- 5 Best VPNs for Streaming in 2024
UK Insurers Defend Covering Ransomware Payments
Insurance providers in the United Kingdom have defended the inclusion of ransomware payments in first-party cyber-insurance policies.
Cyber-risk insurance covers the cost of restoring loss to business income or reputation caused by damage to computers and computer networks.
The Association of British Insurers (ABI) said that while insurance was “not an alternative” to taking appropriate action to minimize risk, firms could suffer financial ruin without cyber coverage.
The ABI comments were made in response to a warning issued earlier this week by the UK’s former National Cyber Security Centre director Professor Ciaran Martin. Speaking to The Guardian, Martin said that insurers who pay out claims from companies who have paid ransoms to cyber-attackers to regain access to systems and data are funding organized crime.
Martin, who stepped down from his position as Britain’s top cybersecurity official last August, expressed concern that ransomware attacks were “close to getting out of control.”
Extortion laws in the UK prohibit the payment of ransoms to terrorists; however, no legal barriers are in place to stop companies from paying ransomware gangs to retrieve exfiltrated data and system access following a cyber-attack.
“People are paying bitcoin to criminals and claiming back cash. I see this as so avoidable,” said Martin.
“At the moment, companies have incentives to pay ransoms to make sure this all goes away. You have to look seriously about changing the law on insurance and banning these payments, or at the very least, having a major consultation with the industry.”
He added: “The law is nobody’s fault, it was written for another purpose, but it has become OK to pay out to criminals.”
An ABI spokesperson told the BBC that insurers do require customers to take “reasonable precautions” to prevent cyber-attacks from occurring.
“Some might argue that any insurance that covers against a criminal act could lull the policyholder into a false sense of security,” they said.
Martin, who now works at Oxford University’s Blavatnik School of Government, told the BBC: “I have some sympathy with insurers, because as long as it’s legal, there are incentives to pay.”
