Ransomware Resilience and Recovery Planning for Insurance Infrastructure
DOI:
https://doi.org/10.63282/3050-9416.IJAIBDCMS-V1I4P104Keywords:
Ransomware, Cybersecurity, Insurance, IT Infrastructure, Business Continuity, Incident Response, Immutable Backup, Disaster Recovery, Threat Detection, Recovery PlanningAbstract
Insurance businesses have been depending more on digital infrastructures to manage their policies, process claims, manage their customer information, and money transfer activities. This reliance makes insurers vulnerable to advanced cyber-attacks, especially the ones involving ransomware that risks to paralyze operations, damaging sensitive information, and causing great financial and reputational damage. This paper discusses a comprehensive ransomware resilience and recovery planning strategy for insurance infrastructure. Starting with a threat landscape analysis provides us with a list of some popular ransomware or methods used to attack insurance systems. An analysis of high-profile incidents is conducted to gain insight into their impact on operations and the economy. This leads to a conversation about the special weaknesses of insurance information technology ecosystems, such as high-value data stores and sophisticated third-party integrations. A multi-layered defense is suggested, which will embrace proactive defense measures such as malware defense, phishing defense, network segmentation, real-time threat alerts and awareness programs to employees. Beyond that, the paper outlines a comprehensive disaster recovery strategy that includes incident response preparedness, immutable backups, disaster recovery automation, and post-incident assessment. An architecture and workflow model are proposed that will enable a resilience framework to be easily integrated into existing insurance systems. This framework focuses on detecting, containing and recovering within short periods to reduce the effect on business. Finally, this paper combines practical recommendations and well-established methodologies to address ransomware preparedness in insurance enterprises, helping them protect their key assets and maintain operations
References
[1] Zio, E. (2016). Challenges in Vulnerability and Risk Analysis of Critical Infrastructures. Reliability Engineering & System Safety, 152, 137-150.
[2] Platt, S., Brown, D., & Hughes, M. (2016). Measuring resilience and recovery. International Journal of Disaster Risk Reduction, 19, 447-460.
[3] Sittig, D. F., & Singh, H. (2016). A socio-technical approach to preventing, mitigating, and recovering from ransomware attacks. Applied clinical informatics, 7(02), 624-632.
[4] IBM Security & Ponemon Institute, Cost of a Data Breach Report, 2019.
[5] Zimba, A., Wang, Z., & Simukonda, L. (2018). Towards data resilience: The analytical case of crypto ransomware data recovery techniques. International Journal of Information Technology & Computer Science, 10(1), 40-51.
[6] Chen, L., Yang, C. Y., Paul, A., & Sahita, R. (2018). Towards resilient machine learning for ransomware detection. arXiv preprint arXiv:1812.09400.
[7] Dudley, R. (2019). The extortion economy: How insurance companies are fueling a rise in ransomware attacks. Pro Publica.
[8] Kok, S., Abdullah, A., Jhanjhi, N., & Supramaniam, M. (2019). Ransomware, threat and detection techniques: A review. Int. J. Comput. Sci. Netw. Secur, 19(2), 136.
[9] Butt, U. J., Abbod, M., Lors, A., Jahankhani, H., Jamal, A., & Kumar, A. (2019, January). Ransomware Threat and Its Impact on SCADA. In 2019, IEEE 12th International Conference on Global Security, Safety, and Sustainability (ICGS3) (pp. 205-212). IEEE.
[10] Nadir, I., & Bakhshi, T. (2018, March). Contemporary cybercrime: A taxonomy of ransomware threats & mitigation techniques. In 2018 International Conference on Computing, Mathematics and Engineering Technologies (iCoMET) (pp. 1-7). IEEE.
[11] Microsoft Security Blog, “WannaCrypt ransomware worm targets out-of-date systems,” May 12, 2017.
[12] Connolly, L. Y., & Wall, D. S. (2019). The rise of crypto-ransomware in a changing cybercrime landscape: Taxonomising countermeasures. Computers & Security, 87, 101568.
[13] Ophoff, J., & Lakay, M. (2018, August). Mitigating the Ransomware Threat: A Protection Motivation Theory Approach. In International Information Security Conference (pp. 163-175). Cham: Springer International Publishing.
[14] Egan, R., Cartagena, S., Mohamed, R., Gosrani, V., Grewal, J., Acharyya, M., ... & Ang, K. (2019). Cyber operational risk scenarios for insurance companies. British Actuarial Journal, 24, e6.
[15] Zio, E. (2016). Critical infrastructures vulnerability and risk analysis. European Journal for Security Research, 1(2), 97-114.
[16] Tuttle, H. (2016). Ransomware attacks pose a growing threat. Risk Management, 63(4), 4-7.
[17] Zimba, A., & Chishimba, M. (2019). On the economic impact of crypto-ransomware attacks: The state of the art on enterprise systems. European Journal for Security Research, 4(1), 3-31.
[18] Choo, K. K. R. (2011). Cyber threat landscape faced by the financial and insurance industry. Trends and issues in crime and criminal justice, (408), 1-6.
[19] NIST Special Publication 800-61 Revision 2, Computer Security Incident Handling Guide, August 2012.
[20] Liska, A., & Gallo, T. (2016). Ransomware: Defending against digital extortion. " O'Reilly Media, Inc.".
