Seoul-based cryptocurrency exchange Youbit has reportedly had its cyber-insurance claim denied by South Korean Dongbu insurance company. This comes after Youbit experienced several hacks during last year, and which the recent one erased 17% of Youbit funds leading it to bankruptcy.
Youbit, formerly known as Yapizon, was initially targeted back in April 2017 where 3,816 bitcoins ($5 millions) were lost in a dexterous cyber hack. South Korean officials believe it was conducted with the support of North Korea. This incident subsequently saw Youbit make every effort to strengthen security, recruit personnel, and reduce hot wallets storage.
However, it would seem these measures were not sufficient, as Youbit was the victim of a second hack in mid-December 2017. Whilst the first hack was relatively minor in the grand scheme of things, the extent of the December hack was truly devastating for the cryptocurrency exchange, with Youbit filing for bankruptcy soon afterward.
The security breach in December saw Youbit lose approximately 17% of the company’s assets, after which the company has gone through formal bankruptcy proceedings to minimize customer fallout.
This has seen a grand total of 25% of customers’ holdings being frozen, in the hopes of being able to refund clients as much as possible once the bankruptcy procedure is completed.
Whilst those afflicted by any cryptocurrency coin hack are usually faced with a grim outlook, Youbit is in somewhat of a unique position, since the exchange was covered by a crypto-insurance from Seoul-based Dongbu Insurance.
The insurance was filed on 1 December 2017, meaning the policy was registered no more than a few weeks ahead of the major December hack that ultimately put Youbit out of business.
The cyber comprehensive insurance policy reportedly covered up to $2.8 million (£2.4 million), for a yearly premium of around $244,400. Following the hack, Yapian applied for the maximum amount of nearly 3 million dollars – however, it is this claim that Dongbu Insurance has now declined.
The insurer decided to refuse payment on the claim for the reason what Dongbu Insurance calls “a failure on Youbit’s part to disclose pertinent information before purchasing the insurance policy,” according to a press release.
Yapian, on the other hand, is accusing Dongbu Insurance of using the hack as an excuse to avoid having to cover any losses that they claim should be covered by the insurance policy.
The cyber comprehensive insurance policy guarantees eight cyber related risks such as data loss or theft, information maintenance violation liability, personal information infringement damage, cyber threat, and network security liability.
It seems that Youbit did not adhere to one of the covers in the insurance policy, which indicates the reason for the insurer refusal of the payout.
A commonly held misconception is that comprehensive insurance covers everything and anything. Although, cyber-insurance is still evolving as an insurance product, insurers will closely examine risks and will reward the clients with the most robust cybersecurity programs.
In light of recent attacks (e.g. WannaCry, Equifax), businesses must prepare to be scrutinized in their levels of security and internal policy controls. Nonetheless, businesses will avoid becoming the next Equifax, and they are increasingly aware of just how costly cyber-attacks can be.
Cybercrime may now costs the world $600 billion according to recent estimations from security firm McAfee in collaboration with the Center for Strategic and International Studies (CSIS). And Willis Towers Watson identified five different cyber insurance trends that could very well increase in 2018 in their latest Marketplace Realities 2018: Cyber risk report.
Cyber insurance growth
These include the fact that yearly premiums will most likely keep increasing, as more crypto companies become aware of their existence. The worldwide premiums are already pegged at around $2.5 billion and are projected to hit an absolutely massive $10 billion as early as 2020.
Furthermore, as more people adopt cryptocurrencies and become accustomed to the technology, it seems likely that more powerful attacks will continue to surface as well, prompted by the increasingly lucrative sector.
Moreover, capacity is forecasted to mimic the rising demand, which would stop prices from inflating too much. The report notes that “the supply of capacity is more than keeping up”, meaning that the effects of dramatically increased demand should be somewhat alleviated.
In addition to this, the report assumes that demand will shift – whilst current coverage is slanted towards the US market, this might very well change as China and the European Union see increased privacy regulations, such as the GDPR (General Data Protection Regulations) enforced from 25 May 2018.
The report also notes that coverage will ultimately expand, which might seem like a foregone conclusion, but is still important to note. Different actors and carriers will address different segments of cyber insurance, forming a comprehensive coverage system that gives the option to safeguards against any eventuality.
South Korea is one of the most Internet-connected nations in the world, made evident in the meteoric rise and early adoption of cryptocurrencies in the country. However, the cyber insurance sector in South Korea is currently believed to be worth an equivalent of $26.5 million – which South Korean authorities are suspecting that this might be a massive undervaluation.
This has prompted the South Korean Ministry of Science, ICT and Future Planning to recently sign an agreement intending to boost the growth of the Korean cyber insurance market.
The Korea Insurance Research Institute believes that the American cyber insurance segment will grow at a pace of up to 50% per year, meaning South Korea will have to dramatically accelerate its own cyber insurance growth in order to catch up.
Professor Kim Tae-sung of the Chungbuk National University is convinced that this disproportionately small South Korean cyber insurance sector stems from systematic problems.
”South Korea’s insurance market is less developed than its IT industry and, as such, cooperation between its security and insurance sectors is essential as of now, and the cooperation can start from the development of a standard glossary for more communication between the two sides”, he recently told Business Korea.