You've successfully subscribed to INFIMA Security
Great! Next, complete checkout for full access to INFIMA Security
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info is updated.
Billing info update failed.

Giant Insurer Halts Ransomware Coverage

Alternative headline: Top 5 European insurance company gets hit by Ransomware attack...

And both headlines are true. Of the same organization.

AXA is one of Europe's top 5 insurers, and they're getting out of the ransomware game in France. They will no longer cover Ransomware payments for their French clients.

It has been widely suspected that cybercrime groups have begun targeting companies with beefy insurance coverage. Makes sense right? Larger policies equal bigger paydays for the criminals. (Sound like personal injury lawsuits in the US? 🤔)

Not paying sounds great, unless you're the victim. When you're staring at encrypted networks and wondering how much of your sensitive/strategic/client data is lost, you sure want to be able to get your files back somehow!

So, it's unclear if this step will lead to a defeat of Ransomware cybercriminals. Governments around the world would love to see an end to the massive payments for illicit hacking activities.

“The word to get out today is that, regarding ransomware, we don’t pay and we won’t pay.” -French Cybercrime Prosecutor

In fact, the US Treasury has warned that Ransomware payments can land you in hot water. Using the Office of Foreign Asset Control (OFAC), the US can prosecute anyone who gives money to sanctioned groups (i.e. North Korea, Syria, etc.) through ransomware payments. And yes, this also includes ransom payments unknowingly made to these entities, people or nations. And remember, it's not so clear who is actually on the other side of that Bitcoin wallet - especially in the chaotic hours and days after a cyber attack!

...that is what fuels the continued ransomware business — people keep paying ransom. -Josephine Wolff of Tufts University

Ok, back to the other side of this story....

An Asian subsidiary of AXA was also hit by Ransomware. Both announcements came in the same week. So they feel the pain from both sides - paying on behalf of clients and for their own data recovery.

Related? Coincidence? Not so sure...

But this is a huge step by a huge insurer to eliminate ransomware payment coverage.

The goal: end Ransomware. Full stop.

Is this the way that gets us there? We're not sure.

At INFIMA, we work with our partners and clients to see a more secure today.

Every day our clients and partners take steps to protect their people and their organizations with consistent, always-on Security Awareness Training.

Learn how easy it is to partner with INFIMA here!

Joel Cahill

Cybersecurity enthusiast. Entrepreneur.