An innovative American insurance company, Corvus, has reported a drop of 65% in ransomware claims after they started insisting on vulnerability scans of the client’s network before providing cyber-insurance.
Lauren Winchester of Corvus states in a recent blog post:
Our automated scan locates threats like unprotected RDP upon quoting for new business and we notify the broker and policyholder. Since implementing RDP alerts and pre-bind checks, we’ve seen a dramatic decrease in ransomware claims for the new policyholders impacted, something we will cover in greater detail in an upcoming report
Unsecured RDP (Remote Desktop Protocol) connections are the primary attack vector for Ransomware (according to the FBI at this year’s RSA security conference) and regular vulnerability scans can identify them and allow security teams to take steps to protect them.
With home-working set to remain a thing for the foreseeable future, those remote working environments rushed out at the start of lockdown remain in place and are attractive pickings for cyber-criminals.