<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=1354242&amp;fmt=gif">

Corvus Updates Scan with RDP Detection, Cuts Ransomware Claims by 65%

With version 2.0 of the Corvus Scan, Corvus works with Brokers and Policyholders to reduce Ransomware Claims.

We're Proud to Announce the Corvus Scan 2.0

BOSTON, MA September 22, 2020 / Corvus Insurance, a leading provider of Smart Commercial Insurance products powered by AI-driven risk data, today announced the results of the first 20 weeks of its Corvus Scan version 2.0, including a dramatic reduction in ransomware claims both among new policies and its existing policy base. The new version includes detection of and alerting on Remote Desktop Protocol (RDP) vulnerabilities, the most common entry point for ransomware attacks, as well as other new features.

Ransomware claims account for 24% of all Cyber Insurance claims and have been growing in frequency and severity. The average ransom demand was $178,254 in the second quarter of 2020, up 60% from the previous quarter according to Coveware, a leading ransomware incident response firm. And more than half of all ransomware-related incidents started with a vulnerable RDP port.

Reducing Ransomware Claims

Since the launch of the Corvus Scan 2.0 in April 2020, Corvus has written or renewed several thousand Cyber Insurance policies. The company’s overall rate of ransomware claims has dropped 65%, from 26% of all claims to a rate among the new policies of 9%. In fact, new policies have had zero RDP-caused ransomware claims during that time. Several Corvus policyholders did experience ransomware caused by other vectors of attack. 

The Corvus Scan analyzes numerous IT security assets in order to provide actionable, prioritized IT security recommendations. In addition, Corvus alerts policyholders to new risk exposures that arise out of changes in the external environment or the policyholder’s internal defenses. The Corvus Breach Response team provides consultation with brokers and their policyholders to achieve the desired outcome of fewer claims. 

“The results are staggering,” says Bill Siegel, CEO of Coveware, a leading ransomware incident response firm. “This initiative not only helps Corvus policyholders avoid attacks, but decreases the available supply of stolen RDP credentials on the dark market. A decrease in supply directly translates to an increase in cost to the cybercriminals. It’s a perfect example of how insurance can serve its primary purpose of financial risk transfer, while also nudging the entire cyber ecosystem towards a safer place."

“We’re excited to report on the success of this new initiative and are looking forward to continuing on its early momentum to further help the industry with the massive concern ransomware presents,” said Mike Karbassi, Head of Cyber Underwriting  at Corvus Insurance. “We’re pleased with the early results and know that this type of vulnerability has historically been a pain point for our clients.”

This initiative comes on the heels of a year of accelerated growth at Corvus. 

Recent Articles

Attackers Targeting VPNs Account for 28 Percent of Ransomware Incidents in Q3 According to Corvus Insurance Cyber Threat Report


Established groups dominated ransomware activity for Q3 2024, including RansomHub, PLAY, and LockBit 3.0. Read the full press release here.

Global Ransomware Attacks, Demands and Payments Rose in Second Quarter According to Corvus Insurance Cyber Threat Report


Q2 2024 Sets Record for Second Most Global Ransomware Attacks in a Quarter, Average Ransom Demand Soars by 102%. Keep reading to learn more.

Corvus Insurance Doubles Underwriting Offering, Expands Small Business Cyber Offering


Full transition to Travelers Excess and Surplus Lines paper completed.