AXA S.A., a global insurance organization based in Paris that also provides investment management and other financial services, has disclosed on Thursday that it will halt cyber insurance policies in France that refund those affected by ransomware attacks for payment made to hackers.

According to the company, AXA made this decision following a request of French government officials who are being more and more concerned as ransomware incidents become a daily event for companies everywhere.

The U.S. is the only country in the world that surpassed France last year in damage from ransomware attacks to health centers, local governments, schools, and companies, as stated by the cybersecurity firm Emsisoft, evaluating France’s related overall losses at more than $5.5 billion, often left crippled for days or weeks.

At this point, as insurance companies started to cease reimbursing ransomware payments, it’s clear that the only way forward is to invest in proper anti-ransomware protection

Heimdal Official Logo
Neutralize ransomware before it can hit.

Heimdal™ Ransomware Encryption Protection

Specifically engineered to counter the number one security risk to any business – ransomware.
  • Blocks any unauthorized encryption attempts;
  • Detects ransomware regardless of signature;
  • Universal compatibility with any cybersecurity solution;
  • Full audit trail with stunning graphics;
Try it for FREE today 30-day Free Trial. Offer valid only for companies.

According to Christine Weirsky, a spokeswoman for the U.S. AXA subsidiary, the suspension will not influence any existing policies, being applied only to France.

She also stated that it doesn’t affect coverage for responding and recuperating from ransomware assaults, in which threat actors including Russian criminals break into networks, spread malware, and cause severe damage to them.

Cyber insurance provider Coalition showed in a report published in September 2020 that ransomware attacks constituted 41% of all cyber insurance claims filled at the beginning of 2020.

The insurance enterprise stated there was a 260% growth in the rate of occurrence of ransomware incidents amid their policyholders and they discovered that the average ransom requested increased 47%. Claims fluctuated from as low as $1,000 to $2 million.

According to cybersecurity specialists, the emergence of cyber insurance policies that comprised coverage for ransom payments was having a catastrophic impact on the ransomware popularity assaults and was actually stimulated the occurrence.

Following the insurance firm’s decision to stop covering company payouts, ransomware cybercriminals became more and more shameless throughout 2020 and 2021.

Important government institutions such as health facilities, schools, and universities have been the main targets of ransomware attacks last year, threat actors knowing they will probably have to pay the ransom in order to recover their important data.

Cowbell Cyber CEO Jack Kudale stated:

This decision is not a surprise to us. In fact, other carriers may follow the suit. However, businesses need protection from these events and in some cases even from going bankrupt due to ransomware.


According to Sean Cordero, security advisor at Netenrich, even more cyber insurance companies are expected to attempt to reduce their exposure from high-risk policies they’ve written or are considering underwriting, making it more difficult to secure or renew policies.

Cordero also said that some insurance firms will ask for new proof and validation from their policyholders to demonstrate that the policyholders’ controls’ are sufficient.

This validation is complex, and many insurers still rely on client self-attestation as the primary input to risk and policy determination. These insurers will hopefully transition to more data-driven models specific to the cybersecurity industry. For huge organizations, this may translate into third-party audits before completing underwriting.


Some researchers called AXA’s decision intelligent. Multiple companies seem more inclined to pay the ransom if they don’t have to pay it with their own money. This circle can be broken by ceasing to reimburse ransom demands.

Cyber Insurance: Should You Consider It For Your Company?

Heimdal Joins No More Ransom in the Global Fight against Ransomware

Leave a Reply

Your email address will not be published. Required fields are marked *