2 min read

Insurer AXA says it will no longer cover ransomware payments in France

Graham CLULEY

May 07, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Insurer AXA says it will no longer cover ransomware payments in France

Insurance giant AXA has said that it is no longer writing cyberinsurance policies in France that cover ransom payments to extortionists.

AXA’s decision, which appears to be a first for the cyberinsurance industry, will still reimburse companies for the cost of responding and recovering from a ransomware attack – but will not cover the often significant sums of cryptocurrency demanded by criminal gangs after they have compromised a network, and encrypted or stolen data.

In addition, it will not affect existing policies that companies may have with the insurer.

Interestingly, AXA has only made the decision to stop writing policies that cover ransomware payments in France – and not the rest of the world.

France, which is estimated to have lost more than $5.5 billion to ransomware last year, is believed to be second only to the United States in terms of the financial damage caused by cybercriminal extortionists.

The issue of “to pay or not to pay” has become a controversial one.

Ciaran Martin, former head of the UK’s National Cyber Security Centre (NCSC) and now a professor at Oxford University, believes that insurers are “funding organised crime” by accepting ransomware claims.

Marcus Willett, who works at the International Institute for Strategic Studies (IISS) but used to have a senior role at GCHQ, argues in a recently published article that payments fund criminal organisations and only make ransomware attacks more likely.

However, paying a ransom can get your company out of a sticky situation. If your extortionists keep their word you will receive a method of decrypting your data, and they will – hopefully – not release your stolen data to the wider world.

Sometimes, as we saw with the ransomware attack against British fashion retailer FatFace, the criminals will even give your business advice on how to improve its security in future.

AXA’s lack of desire to cover ransomware payments in France appears to be at odds with insurers across the Channel. In fact, the British Association of Insurers says that paying the ransom demand may be the quickest and most effective way of getting businesses back to work as quickly as possible.

Internationally there have been some efforts to warn organisations against paying ransoms – whether it be for themselves or their clients.

In October 2020 the U.S. Department of the Treasury issued an advisory alerting organisations that help victims of ransomware attacks that they risk breaching sanctions by facilitating ransomware payments.

But ultimately, if you have the choice of paying a ransom or losing your company, you’re probably going to try to find a way to pay up. The only question then is – will your insurance company cover you for that ransom payment, or not?

tags


Author



Right now

Top posts

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
Cyber Tips for a Spook-Free Halloween

Cyber Tips for a Spook-Free Halloween

October 26, 2022

3 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Hacking cars remotely with just their VIN Hacking cars remotely with just their VIN
Graham CLULEY

December 05, 2022

2 min read
Russian courts attacked by CryWiper malware that poses as ransomware Russian courts attacked by CryWiper malware that poses as ransomware
Graham CLULEY

December 05, 2022

2 min read
Android App in Google Play Store Was Harvesting SMS Messages Helping Criminals Create New Accounts Android App in Google Play Store Was Harvesting SMS Messages Helping Criminals Create New Accounts
Silviu STAHIE

December 02, 2022

1 min read