New York, NY (Oct. 24, 2019) – Beazley data reveals an increase in ransomware attacks against IT vendors as cyber criminals exploit weak security programs to target both vendors and their clients.
One quarter (24%) of all ransomware incidents reported to Beazley Breach Response (BBR) Services – Beazley’s in-house breach response team – in the third quarter of 2019, were found to have started with an attack on an IT vendor or managed service provider (MSP).
The spike in these attacks contributed to an overall 37% increase in reported incidents of ransomware in Q3 compared to the previous three months.
Small businesses, which often depend on MSPs to remotely manage their IT infrastructure, reported 63% of all ransomware incidents to BBR Services in the first nine months of 2019. While their level of reliance on MSPs varies, many small businesses outsource their entire IT operation to the MSP. This can create a dependent and deeply interconnected relationship that hackers play to their advantage.
Katherine Keefe, global head of BBR Services, said: “IT vendors that supply small businesses often have clients that are wholly dependent on their expertise and availability to guide them through any IT issue, including a suspected or actual breach. When a vendor itself becomes the target of a ransomware attack, it can not only expose clients to the risk of a breach, but can leave them in the dark and without any IT support as the vendor battles with the initial breach and potentially exorbitant ransom demands.
“We help clients get their businesses back up and running as efficiently as possible when a breach occurs. But most important is to ensure that sensible, preventative steps are taken to reduce the risk of being hit by ransomware either directly or via a service provider.”
For advice for small businesses on how to vet a potential MSP, see the latest Beazley Breach Insights.
About Beazley’s BBR Services Team
Beazley has managed thousands of data breaches since the launch of Beazley Breach Response in 2009 and is the only insurer with a dedicated in-house team focusing exclusively on helping clients handle data breaches.
The BBR Services team works directly with BBR insureds during all aspects of incident investigation and breach response and coordinates the expert services that BBR insureds need to satisfy legal requirements and maintain customer confidence. In addition to coordinating data breach response, BBR Services maintains and develops Beazley’s suite of risk management services, designed to minimize the risk of a data breach occurring.
Beazley plc (BEZ.L) is the parent company of specialist insurance businesses with operations in Europe, the US, Canada, Latin America, Asia and Australia. Beazley manages six Lloyd’s syndicates and in 2018 underwrote gross premiums worldwide of $2,615 million. All Lloyd’s syndicates are rated A by A.M. Best.
Beazley’s underwriters in the United States focus on writing a range of specialist insurance products. In the admitted market, coverage is provided by Beazley Insurance Company, Inc., an A.M. Best A rated carrier licensed in all 50 states. In the surplus lines market, coverage is provided by the Beazley syndicates at Lloyd’s.
Beazley is a market leader in many of its chosen lines, which include professional indemnity, property, marine, reinsurance, accident and life, and political risks and contingency business.
For more information, visit www.beazley.com.
SOURCE: BeazleyTags: Beazley, cyber attacks