- The Washington Times - Saturday, June 25, 2016

Cyber insurance didn’t keep the University of Calgary from recently paying roughly $15,000 after being hit by hackers, but a college official said other schools should consider buying coverage after seeing first-hand how costly a cyberattack can be.

After school computers became infected with ransomware last month, the University of Calgary paid $20,000 Canadian to restore research data that had been seized by hackers.

Speaking publicly about the incident Friday afternoon, Linda Dalgetty, the university’s vice president of finance and services, credited a cyber insurance policy purchased last year with helping the school bounce back after email and other services were suspended due to ransomware — an increasingly popular type of malware that encrypts compromised files and holds them hostage until a payment is made to cybercriminals.

Despite ransomware not being protected under a cyber insurance policy purchased by the school, Ms. Dalgetty said the U of C was able to bounce back largely because of its coverage. According to her, however, only three universities in Canada currently have similar plans.

“In fact one of my messages coming out of this to my peers, both in Alberta and across Canada, is this is a good thing for you to have,” Ms. Dalgetty said, according to the CBC. “And again not just because it’s that monetary recovery, it’s the value that we had from helping us going through a difficult time with this malware crisis.”

Global consulting firm PricewaterhouseCoopers has predicted the cyber insurance industry will be worth $7.5 billion by the end of the decade, and Rep. John Ratcliffe — who chairs the House’s Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies — recently called such policies a “valuable free-market tool in the ongoing effort to better defend ourselves against cyber risks.”

Those policies don’t always protect against ransomware — as happened with University of Calgary — despite cyber hostages having caused more than $1.6 million in losses during 2015, according to the FBI.

When the University of Calgary’s became infected last month, the school joined the list of other high-profile victims ranging from health care facilities to law enforcement agencies that have incurred significant costs as of late resulting from ransomware.

“We can prevent as much as we can, but the reality is that cyber-criminals are very smart,” said Ms. Dalgetty according to the Calgary Herald. “They’re prolific, they’re everywhere and I don’t know of any entities that have not had some level of incursion.”

More than 2.3 million computer users have been targeted with ransomware during the last year, security researchers at Kaspersky Labs concluded in a report published last week.

It’s not just academic institutions and businesses which are targetd. On Friday, for example, Forbes reported that a NASCAR racing team recently agreed to pay an undisclosed amount after suffering from an infection.

LOAD COMMENTS ()

 

Click to Read More

Click to Hide