Corvus Updates Scan Technology with RDP Detection, Slashes Ransomware Claims by 65%
With version 2.0 of the Corvus Scan, Corvus works with Brokers and Policyholders to reduce Ransomware Claims
BOSTON, MA September 22, 2020 / Corvus Insurance, a leading provider of Smart Commercial Insurance products powered by AI-driven risk data, today announced the results of the first 20 weeks of its Corvus Scan version 2.0, including a dramatic reduction in ransomware claims both among new policies and its existing policy base. The new version includes detection of and alerting on remote desktop protocol (RDP) vulnerabilities, the most common entry point for ransomware attacks, as well as other new features.
Ransomware claims account for 24% of all Cyber Insurance claims and have been growing in frequency and severity. The average ransom demand was $178,254 in the second quarter of 2020, up 60% from the previous quarter according to Coveware, a leading ransomware incident response firm. And more than half of all ransomware-related incidents started with a vulnerable RDP port.
Since the launch of the Corvus Scan 2.0 in April 2020, Corvus has written or renewed several thousand Cyber Insurance policies. The company’s overall rate of ransomware claims has dropped 65%, from 26% of all claims to a rate among the new policies of 9%. In fact, new policies have had zero RDP-caused ransomware claims during that time. Several Corvus policyholders did experience ransomware caused by other vectors of attack.
The Corvus Scan analyzes numerous IT security assets in order to provide actionable, prioritized IT security recommendations. In addition, Corvus alerts policyholders to new risk exposures that arise out of changes in the external environment or the policyholder’s internal defenses. The Corvus Breach Response team provides consultation with brokers and their policyholders to achieve the desired outcome of fewer claims.
“The results are staggering,” says Bill Siegel, CEO of Coveware, a leading ransomware incident response firm. “This initiative not only helps Corvus policyholders avoid attacks, but decreases the available supply of stolen RDP credentials on the dark market. A decrease in supply directly translates to an increase in cost to the cybercriminals. It’s a perfect example of how insurance can serve its primary purpose of financial risk transfer, while also nudging the entire cyber ecosystem towards a safer place."
“We’re excited to report on the success of this new initiative and are looking forward to continuing on its early momentum to further help the industry with the massive concern ransomware presents,” said Mike Karbassi, Head of Cyber Underwriting at Corvus Insurance. “We’re pleased with the early results and know that this type of vulnerability has historically been a pain point for our clients.”
This initiative comes on the heels of a year of accelerated growth at Corvus.
A hacked power grid turning the lights out for millions, a dam being controlled by an adversary — these are the kinds of nightmare situations cybersecurity researchers often talk about in the context of cyber warfare or state-sponsored terrorism.
As ransomware rose to become the single biggest driver of cyber insurance claims in 2020, we felt that this aspect of cyber risk deserved more detailed reporting for brokers and policyholders. So we got to work. We decided to re-create one aspect of our overall cyber risk score, adding more detail and providing a separate report page in Smart Cyber quotes. You can read about the specifics of the score here.