May 10, 2021
Wake-Up Call on Ransomware
by Paul Carroll
There may be a silver lining to the ransomware attack on the Colonial Pipeline. It underscores two long-obvious problems that have somehow been ignored.
The ransomware attack that shut down the 5,500-mile Colonial Pipeline, the largest fuel pipeline in the U.S., contains two important seeds of opportunity.
First, the federal government looks like it may get much more involved in preventing or at least prosecuting cyber attacks, specifically for important infrastructure like pipelines and electric grids, but perhaps more broadly, too.
Second, the attack raises the profile of the ransomware problem to the point that insurance clients may no longer be able to ignore it — which they mostly have even as ransomware activity quintupled globally between the first quarter of 2018 and the fourth quarter of 2020, according to Aon. This higher profile will create the opportunity for insurers to work with clients to finally step up their defenses.
Let me be clear, lest I come across as Pollyannaish: This was a serious assault on a major piece of infrastructure and will likely result in higher gasoline prices, at least in the eastern half of the U.S. The attack also raises the prospect of devastating assaults on other pieces of key infrastructure, both in the U.S. and around the world. In addition, because the ransomware attack was arranged by a criminal ring in Russia, the attack brings into play all sorts of geopolitical issues that go well beyond what happens when some lone criminal hacks his way into a single corporation.
I’m merely suggesting that good things could also come out of the attack by the DarkSide group in Russia, because it underscores two problems that have long been obvious but that have somehow been ignored. The actions spurred by the attack won’t be perfect solutions by any means, but they should help.
The main action looks to be an aggressive response by the federal government, which has struck me as too passive as criminal gangs have greatly stepped up their ransomware attacks. There are limits to what the government can do against international gangs like DarkSide — it’s not as though President Biden can just call Vladimir Putin to complain and have him say, “Oh, sure, I’ll get right on it” — but having the Feds in the game should help a lot.
The other main action — the big opportunity for insurers — will occur because companies will increasingly see their vulnerability (finally!) and request help from the experts: the insurance companies that deal with cyber issues every day.
Look, in particular, at this recent article: “How to Combat the Surge in Ransomware,” from Tokio Marine HCC’s Cyber and Professional Lines Group. It describes what I think is the ideal approach for insurers assisting their clients, not just by selling insurance but by helping them reduce their risks — steering clients toward state-of-the-art tools (priced based on the insurer’s bulk discount) that monitor vulnerabilities, toward using multi-factor authentication, toward training, etc.
As long as the bad guys have shown they can work together and take down big targets like the Colonial Pipeline, the good guys need to work together, too. That surely means more help from the federal government on what is a national and, increasingly, international problem but also means insurers need to step up and deliver the sort of expertise and counsel that they possess uniquely and that define the industry’s noble purpose.