Definition of the Month: Ransomware


December 2023


Ransomware is a type of malicious software that encrypts or locks up files on a computer or network, making them inaccessible. The attackers then typically demand a ransom, usually in cryptocurrency, to provide the decryption key or otherwise unlock the files. Over the past few years, we have witnessed the emergence of the ‘two-pronged attack’, in which the cybercriminals might then seek payment of a second ransom; if it is not paid, stolen data might be leaked into the public domain.

Attacks based on ransomware are a form of cyber extortion that can cause significant disruption to individuals or organisations in a vast number of ways, including by denying them access to their own data until the ransom (or ransoms) is paid.

While some ‘traditional’ policies (such as property, or professional indemnity) might include some liability cover for cyber-related damages, a standalone cyber insurance policy provides broader cover.

As well as certain liability cover, a cyber policy typically extends to ‘first party’ costs (i.e. the impacted business’ own costs of dealing with a cyber event). For this reason, such policies are increasingly purchased by businesses seeking to mitigate the fallout from ransomware incidents (and a vast array of other cyber and privacy-related events).

Market-leading cyber insurance policies can cover expenses related to ransom payments (both the ransom payment itself and related costs), data recovery, legal fees, and lost income resulting from a ransomware attack and, in some cases, the costs of reputational damage.