Ransomware attacks, where hackers steal computer files and demand money in return, have exploded during the pandemic. The average ransom payment went from $41,000 in the third quarter of 2019 to $234,000 in 2020, according to Coveware, a ransomware mitigation company.
Now Coalition, a three-year-old cyber insurance startup, is seeing soaring demand for its services. This fall, it reached $100 million in annualized premium revenue, up from $50 million a year ago.
The trend of escalating ransomware is deeply troubling. “I saw a $100 million ransom demand just this past week,” says Coalition CEO Joshua Motta. Last month, a hacker reportedly stole medical records from a psychotherapy center in Finland, then contacted its mental-health patients and demanded money from each one. In September, a ransomware attack on a German hospital led to a patient’s death.
Coalition provides cyber insurance for an eclectic set of 27,000 small and medium-sized businesses, including churches, farms, country clubs, venture capital firms and a popular hot sauce company. Its insurance covers incidents ranging from a ransomware attack to a company getting overcharged on a large online expense. To cover $1 million in potential damages, Coalition charges premiums of $1,500 to $3,000 a year. In May, the 150-person startup raised $90 million in funding at a $900 million valuation.
Motta, 37, founded Coalition in March 2017. Before Coalition, he did stints at organizations like the CIA, Goldman Sachs and Cloudflare, a $20 billion web infrastructure and security company.
In the U.S. cyber insurance market, the biggest players are companies like AIG, Chubb and Axa XL. Coalition tries to differentiate by using more technology, Motta says.
For example, hackers often break into a company’s computers by using Microsoft Remote Desktop Protocol, or RDP. If you’ve ever had an IT person take over your computer screen to troubleshoot a problem, you’ve likely used RDP. It’s convenient, but it also gives anyone with an Internet connection a potential doorway into your computer. To evaluate the risk of a potential client, Coalition electronically scans a company’s devices for RDP. (If it finds the program, Coalition asks the business to disable it and use an alternative service.) And Coalition keeps scanning once you’ve become a customer. “If you’re a policyholder, we scan you 65,000 times a week,” Motta says. “Other insurance carriers are literally basing their assessments on what companies submit in a paper application.”
Coalition also uses technology to decline service to some customers. The startup refuses to provide cyber insurance to standalone IT companies, because Motta deems the risks too high. If an IT firm is hit with a cyber attack, all of its clients are often compromised. To screen out and block these companies from coverage, Coalition analyzes a website domain name using machine learning algorithms. The analysis tells Coalition whether a business is an IT provider. “It’s 96% accurate,” Motta says. He thinks that if Coalition simply asked companies what their business was, many IT providers would slip through the cracks, leaving Coalition with much higher risks than what it’s comfortable bearing.