‘Insurance fuels future cyberattacks’
In total, less than half of Dutch companies (47%) are insured against ransomware attacks. The percentages in other countries are higher, for example in India (63%), the United States (58%) and France (50%). On average, Dutch decision makers expect that cybercriminals will demand 1.1 million euros in ransom from their organisation. However, the vast majority of Dutch respondents (80%) do not support insurance coverage when a victim of a cyber attack decides to pay the ransom. According to them, this would only encourage more cyber attacks. So they prefer a ban on this type of coverage.
Ronald Ball, Cyber Security Specialist at CrowdStrike: “Cybercriminals see institutions as insured against cybercrime and use them to negotiate how much to pay. They also offer all kinds of things to motivate victims to pay. Of course there are cases where the payment is very tempting, especially when the payment is made. Shut down the entire production line or when it comes to ethical issues.But as a victim you have to ask yourself how far you are the wicked wants to take care of. Although pushing might seem like a way out at that moment, it isn’t. The total cost of a ransomware attack is much higher than the actual ransom cost. Think, for example, of the full forensic analysis that needs to be done. Moreover, it maintains their revenue model. If we really want to change something, then not paying should become the norm. However, we must do it together, otherwise companies or institutions will perish.”
Note to editors, not for publication
The research was conducted by the research agency OpinionMatters on behalf of CrowdStrike. The total sample size includes 2,516 business decision makers in the United Kingdom, the United States, Australia, India, France, Japan, Singapore, the Netherlands, Spain and Germany. A total of 250 Dutch respondents participated. The survey was conducted between July 2 and 15, 2021.