HomeCyber BalkansImpact of Change Healthcare attack on cyber insurance

Impact of Change Healthcare attack on cyber insurance

Published on

spot_img

Cyber insurance carriers are facing new challenges in light of the increasingly dangerous ransomware threat landscape, as evidenced by recent attacks on UnitedHealth’s Change Healthcare and CDK Global. The surge in ransomware activity in 2023 set records, and the impact on victim organizations has been significant and disruptive. The attack on Change Healthcare earlier this year left the healthcare billing and revenue services provider unable to reimburse customers, leading to delays and reportedly causing some companies to shut down.

More recently, CDK Global, a provider serving automotive dealerships, experienced extended downtime and significant disruptions following a ransomware attack. These high-profile incidents have raised concerns among infosec experts and cyber insurance vendors about the need to adapt to evolving threats and the impact on underwriting and policies going forward.

The ransomware gang BlackCat/Alphv claimed responsibility for the Change Healthcare attack, which resulted in months-long disruptions to patient care and healthcare services. Despite paying a hefty $22 million ransom, it took time for Change Healthcare to fully restore operations, prompting the National Security Agency to warn against giving in to ransom demands.

The challenges posed by ransomware attacks have put insurers in a difficult position, particularly when it comes to coverage for downstream fallout and supply chain events. Peter Hedberg, from Corvus Insurance, emphasized the need for a deeper understanding of the services used by different segments, highlighting the importance of underwriting and assessing aggregation risks.

As the insurance industry grapples with these complex issues, Sezan Seymour from Coalition stressed the importance of organizations being mindful of third-party risks and their potential impact on clients. Meanwhile, Chet Wisniewski of Sophos suggested that supply chain coverage may need to be reevaluated in light of recent attacks on CDK Global and Change Healthcare.

The incident response to the Change Healthcare attack was scrutinized by experts, with concerns raised about the company’s preparedness and resilience. While some praised Change Healthcare for its proactive response and client communication, others highlighted the need for better backup strategies and incident response planning.

Looking ahead, experts anticipate a ripple effect from these attacks, with downstream customers likely to file contingency claims and adjust their premiums. The evolving nature of cyber threats and the impact on insurance policies suggest that insurers will need to reassess their coverage options and risk management strategies moving forward.

In conclusion, the ransomware threat landscape is evolving rapidly, and insurance carriers must adapt to meet the growing challenges posed by these attacks. The incidents involving Change Healthcare and CDK Global serve as a stark reminder of the need for proactive risk management and effective incident response strategies in the face of increasingly sophisticated cyber threats.

Source link

Latest articles

Apple Releases Zero-Day Patch Updates for Older Devices

Apple has recently released a series of critical security updates to address vulnerabilities that...

Managing the Risks of Vault Sprawl Due to Mergers and Acquisitions in Large Enterprises

In the world of modern enterprises, the management of secrets, including API keys, authentication...

Minnesota IT director warns that federal funding cuts for cybersecurity could leave state vulnerable – Axios

The recently proposed federal cyber funding cuts are causing concern in Minnesota, with the...

zkLend Hacker Falls Victim to $5.4M Tornado Cash Scam

In a surprising turn of events, the hacker responsible for the $9.57 million exploit...

More like this

Apple Releases Zero-Day Patch Updates for Older Devices

Apple has recently released a series of critical security updates to address vulnerabilities that...

Managing the Risks of Vault Sprawl Due to Mergers and Acquisitions in Large Enterprises

In the world of modern enterprises, the management of secrets, including API keys, authentication...

Minnesota IT director warns that federal funding cuts for cybersecurity could leave state vulnerable – Axios

The recently proposed federal cyber funding cuts are causing concern in Minnesota, with the...