Your Money or Your Life, Ransomware Edition

8–21–2023 (Monday)

Hello and welcome to another edition of The Intentional Brief - your weekly video update on the one big thing in cybersecurity for growth stage companies, investors, and management teams.

I’m your host, Shay Colson, Managing Partner at Intentional Cybersecurity, and you can find us online at intentionalcyber.com.

Today is Monday, August 21, 2023, and even though a lot of folks are on vacation, we’re seeing a theme emerge in the wake of the continued onslaught from ransomware attacks: your money or your life.

Your Money or Your Life, Ransomware Edition

To borrow a turn of phrase from the popular self-help book of the same title, there’s been reporting along two different streams over the last week that should help us understand the potential for impact around ransomware, and help calibrate our thinking, actions, and investments around security and resilience in defending against these attacks.

First, your money. The Boston Globe reported on Friday that Point32Health - Massachusetts’ second-largest insurer - reported an operating loss of $102.7M for the first 6 months of the year, and their CFO “attributed the loss largely to the cyber incident, which he called ‘transient and one time in nature.’”

While it might be convenient for the CFO to see it as transient and one-time in nature, the impacts detailed in the rest of the article certainly aren’t transient.

Not only are they spending money on incident response and system restoration, the article notes that they’ve been delayed in paying claims - and have been paying 1.5% interest on those delayed claims.

Additionally, the article notes that they likely paid more than they otherwise would have because the attack “eliminated prior authorization requests for services” for nearly three months.

Also, the attack forced the insurer to take systems offline and re-establish connections and vendors, and there are the potential costs around ongoing litigation.

These impacts are truly disruptive and generally hard to quantify.

We have another peek behind the curtain out of Australia, published on the same date (Friday 8/18).

Latitude Financial notes a loss of $98.2M, with an actual recorded spend of $53M on cyber.

Company representatives characterized the impact this way: “For a period of six weeks, new originations stopped, receivables declined, pricing actions were paused, and collections activities were significantly disrupted.”

“The last six months have been the most difficult in our company’s history, and the intensity of this period is frankly quite challenging to describe,” Belan said - noting there are still “several matters to be resolved in the aftermath of the cyber incident” - which took place five months ago in March of 2023.

So, that’s the money part. And your health? An article from this morning is headlined “Weeks After Cyberattack, Systems Still Offline at 16 Hospitals, Dozens of Clinics in 6 States.” After an attack, Prospect Medical Holdings, “which runs 16 hospitals and dozens of other medical facilities in California, Connecticut, Pennsylvania, Rhode Island and Texas, could not say when operations might return to normal.”

“We do not yet have a definitive timeline for how long it will be before all of our systems are restored.”

To be honest about the situation, it’s dire. We’re losing lives and millions of dollars, and we don’t seem to be getting much better at deterring, detecting, disrupting, and recovering from these attacks.

The quote from the Latitude spokesperson says it all, and is worth repeating:

“the intensity of this period is frankly quite challenging to describe”

This goes far beyond “an ounce of prevention is worth a pound of cure” - we need to be doing the assessments, making the investments, and encouraging our people, process, and technology to evolve - because when it’s too late, it’s simply too late.

Fundraising

From a fundraising perspective, it was a pretty slow week this past week, save for the $6B GPB announced by Hayfin of London for their fourth direct lending fund.

I’m not surprised, given that it’s peak vacation season - and would imagine that the week ahead will also be pretty light (save for the outside chance that ARM files for their long-awaited IPO and we get to see some real numbers there).

You can find all the links to the stories we covered below, find back issues of these videos and the written transcripts at intentionalcyber.com, and we’ll see you next Monday for another Intentional Brief.

Links

https://www.bostonglobe.com/2023/08/18/metro/insurer-breach-loss-cost-ransomware/

https://www.itnews.com.au/news/latitude-financial-flags-76-million-in-cyber-incident-costs-599350

https://www.claimsjournal.com/news/national/2023/08/21/318850.htm
