Log In

Reset Password
BERMUDA | RSS PODCAST

Ukraine invasion caused drop in ransomware events

First Prev 1 2 3 Next Last
Held to ransom: ransomware attacks have declined since the Russian invasion of Ukraine

Russia’s invasion of Ukraine in February 2022 was quickly followed by a sharp decrease in organised ransomware attacks worldwide, a leading expert revealed at the second annual Bermuda Risk Summit.

Yosha DeLong is the global head of cyber for Bermudian-headquartered Mosaic Insurance, a direct writer of cyber coverage.

Ms DeLong, who is based in Chicago, said: “A lot of these ransomware gangs, and especially some of the ones that were really prevalent in 2019 and 2020, were made up of groups that were both Ukrainian and Russian.

“They have been very tied together in the past, and when this war started, a couple of things happened.

“There was a fracturing of the gangs because there were political disagreements, so we saw two or three major ones that fractured as a result of that.

“The other thing was the recruiting for the military — specifically by Russia. Ukraine was a little bit more voluntary.

“But mandatory recruiting in the military, which shook a lot of these people off the hacking line into actually putting guns in their hands.

“What we saw immediately after this was actually a sharp downtick in organised ransomware events.”

Yosha DeLong, SVP, head of cyber underwriting, Mosaic

Ms DeLong sat on Monday’s Exploring the Future of Cyber Reinsurance panel, moderated by Kerr Kennedy, an associate partner at EY Bermuda.

She was joined on the panel by George Alayon, deputy director of insurance supervision at the Bermuda Monetary Authority, Edouard Von Heberstein, founder and CEO, Spectra Ltd, and Sebastien Plummer, cyber specialist broker, Gallagher Re.

Aside from ransomware attacks, cyber risks include hacking and the stealing of information — as well as non-cyber privacy events.

Yosha DeLong, centre, is flanked by panellists Edouard Von Haberstein, left, George Alayon and Sebastien Plummer, and moderator Kerr Kennedy (Photograph by Duncan Hall)

Ms DeLong said: “A great example of that is somebody accidentally disclosing a patient list from a doctor’s office. That would trigger a cyber policy, to respond and comply with whatever regulatory environment they were in in that space.

“But nobody bad actually got a hold of that, there was no malicious act that happened, but that still can affect cyber.”

She added: “So we really have this very complex environment where you have very targeted ransomware events that are going after very specific targets, either because they know they have deep pockets or they know that the business interruption is too great of a risk for them to take a chance and not pay.

“You have the ones where they are going after information, which could be an espionage type of situation. China is very good at that. They go after specific information about specific people.

“There’s the ones that are still stealing credit card information, or social security numbers in the US, and then there’s the just accidental disclosure or non-event privacy disclosure.”

As one of the fastest-growing areas of risk, cyber will require additional reinsurance capacity in future, Ms DeLong said.

“There’s enough reinsurance capacity for what exists right now, but as we grow, as we see this increased inter-connectivity of the world, as we see what cyber events expand and change, that’s where we are starting to see the capacity constraints.”

Bermuda has around half of the approximately $5 billion global cyber reinsurance market, Mr Kennedy said.

Ms DeLong said Bermuda is being looked to for the provision of new and innovative solutions to that capacity crunch — but also for thinking about what products look like, and how they are going to be rolled out.

She added: “Bermuda plays a really important role in that in terms of reinsurance capacity.”

The three-day conference, presented by the Bermuda Business Development Agency, wraps up tomorrow at the Hamilton Princess & Beach Club.

You must be Registered or to post comment or to vote.

Published March 08, 2023 at 7:45 am (Updated March 08, 2023 at 7:45 am)

Ukraine invasion caused drop in ransomware events

What you
Need to
Know
1. For a smooth experience with our commenting system we recommend that you use Internet Explorer 10 or higher, Firefox or Chrome Browsers. Additionally please clear both your browser's cache and cookies - How do I clear my cache and cookies?
2. Please respect the use of this community forum and its users.
3. Any poster that insults, threatens or verbally abuses another member, uses defamatory language, or deliberately disrupts discussions will be banned.
4. Users who violate the Terms of Service or any commenting rules will be banned.
5. Please stay on topic. "Trolling" to incite emotional responses and disrupt conversations will be deleted.
6. To understand further what is and isn't allowed and the actions we may take, please read our Terms of Service
7. To report breaches of the Terms of Service use the flag icon