Ransomware Attack Fallout: Some Victims Face Customer Lawsuits -

We know that ransomware hijackers can cost their victims millions of dollars to recover. But attacked businesses can also face the threat of lawsuits by their customers who sue for damages.

If a company’s customers claim they have lost data or incurred some other operations injury from a cyber attack on their supplier, the targeted operation may find themselves paying big money to defend lawsuits brought by those customers, said Corvus Insurance, a provider of commercial insurance products, in a new report. And that’s in addition to the money it will take the first-party victim to fix the damage, restore their operations and recover their data, possibly forking out millions more in ransom payments to do so.

Lawsuits brought by a company’s customers in the wake of a cyber incident are largely confined to larger businesses, according to Corvus. For example, a company with 250 or more employees is roughly 200 percent more likely to sue their tech vendor than a company with 10 or fewer employees, and twice as likely as a company with 11-50 employees. Media outlets and metals manufacturers are 50 percent more likely to sue their technology vendors than the average business, while insurers are around 20 percent more likely, Corvus said.

Corvus’ Risk Insights Index, the company’s first such dive into a compilation of industry trends and data analysis based on its IT security technology and other sources, is intended to serve as an inside look at the insights and tools used by risk managers, IT departments, security researchers, and solution providers to hone their offerings and approaches to keeping organizations safe from evolving cyber threats. In addition to litigation risk, the report also focuses specifically on Cyber and Technology E&O (errors and omissions) risk and includes data on cyber risk technologies, ransomware, and cyber vulnerability as pertains to commercial insurance.

Ransomware claims and costs.

Ransomware claims from Q2 2020 through Q1 2021 rose from 0.25 percent to 0.58 percent in frequency but then dropped by 50 percent Q2 2021 and largely remained there through Q3 2021.

Breach response costs for assistance in legal, forensics and recovery efforts increased from 29 percent to 52 percent of overall claim costs, while business interruption costs shrunk as a percentage. Ransomware claims resulting in a ransom payment slid from 44 percent in Q3 2020 to 12 percent by Q3 2021.

Corvus attributed the decrease in demand-to-pay ratio to improved preparedness and resiliency on the part of policyholders that enabled managed security service providers (MSSPs) and other breach response pros to get companies back online faster.

Overall, ransomware attacks cost companies about $140,000 so far this year, nearly the same as in 2020.

Post-COVID security & IT trends.

After Remote Desktop Protocol (RDP) became a favored attack vector in 2020, its presence in IT systems dropped by 50 percent in 2021.

Email phishing continues to be a popular launching pad for cyber crimes against businesses, but a number of cloud-based security tools can be implemented to thwart these threats.

Corvus recognized a 2.5x (158%) lift in the usage of email security software across all industries, contributing to the reduction of these widespread threats.

“Over the past few years, the cybersecurity landscape has completely erupted with sophisticated forms of cyber attacks, creating many challenges for today’s security professionals,” said Phil Edmundson, Corvus founder and chief executive. “This report provides the analysis needed to empower organizations to continue enhancing their offerings and keep our world safe from destructive threat actors.”