Private insurance companies are increasingly refusing to compensate for damage from major cyber attacks, as a result of which American enterprises bear “catastrophic financial losses.” In a new report, the Government Accountability Office (GAO) called on the government to assess the need to introduce federal cyber insurance.
The report is based on an assessment of the threat of a cyberattack on critical infrastructure and an analysis of vulnerable technologies that can be attacked. According to the report
Director of National Intelligence (ODNI), hacker groups associated with Russia, China, Iran and North Korea pose the greatest threat to the US infrastructure, as well as individual organized groups.
“Several key federal and industry sources show an increase in cyber attacks on critical U.S. infrastructure”, – specified in the report.
In 2021, there were about 26,000 cyber incidents, and the total losses from attacks amounted to about $2.6 billion. Moreover, insurers are leaving the market to avoid multimillion-dollar payments to organizations. In order to limit their costs from cyber incidents, companies simply refuse to cover losses from cyber attacks to organizations. According to the US Department of Justice, some insurers also reduce the maximum payout amount in the event of an attack.
Earlier we wrote that victims hire qualified negotiators to bargain with hackers in order to reduce the amount of ransom.