Recent warnings from the U.S. Treasury about paying ransomware demands are unlikely to substantially change how cyber insurers cover or handle such situations, according to experts.
However, ransomware victims are likely to be under more pressure to be sure that anti-money laundering and sanctions regulations are honored should they pay a ransom.
The warnings are not a response to any wrongdoing. But, they have been issued at a time when ransomware attacks and ransomware payments are on the rise.
“I believe that both the legal counsel advising insureds as well as the insurance carriers have been aware of OFAC and have taken OFAC regulations quite seriously,” said Nick Economidis, vice president and e-risk underwriter, Crum & Forster. “We’ll likely see some small modifications to existing practices (to make doubly sure that actions are consistent with existing relations), but I do not foresee any big changes.”
Insurers note that victims of such attacks are the ones who decide whether to pay a ransom. Catherine Lyle, head of claims at Coalition, thinks the advisories signal an “increasing willingness to enforce OFAC sanctions on ransomware payments” and “makes clear that victims of ransomware, and the organizations that assist them, must establish processes to comply with OFAC sanctions or risk the consequences.”
FireEye Mandiant’s Charles Carmakal agrees that the advisory, while well-intentioned, will add more complexity for victim organizations after a security incident.
Topics Cyber
Was this article valuable?
Here are more articles you may enjoy.
CyberCube: Insured Loss Estimate From AWS Outage Likely About $40M 
Florida Appeals Court Reverses $200M Jury Verdict in Maya Kowalski Case 
Catastrophe Bond Investors Told to Brace for Jamaica Payout 
Reuters: Iran, Russia and the New Zealand Insurer That Kept Sanctioned Oil Flowing From This Issue
