Many companies have been taken hostage by ransomware. Your company could be next.
Ransomware is a type of malware that infects computers and makes them impossible to use. Files may be encrypted. Programs may be blocked. The cybercriminal responsible for the attack then demands money to release the computer. The Insurance Journal reports that ransomware attacks quadrupled in 2016 and are expected to double again in 2017, based on a new report by specialty insurer, Beazley.
Ransomware attacks cost companies in several ways. Obviously, companies that pay the ransom lose money doing so. Companies may also have to replace damaged equipment. An interruption of business is another serious threat.
Cybercriminals have been known to target any type of organization, both large and small, anywhere in the world.
- In August 2016, a clinic in Grand Prairie, Texas, lost information on 33,638 patients due to ransomware.
- In December 2016, the Cockrell Hill police department in Texas lost eight years of data after a ransomware attack.
- In January 2017, the Los Angeles Community College District paid $28,000 to regain control of campus computers after a ransomware attack.
Before an Attack
Because ransomware attacks are on the rise, some companies are preparing now for the possibility. Below is a list of things you can do now to help prevent and prepare for a future attack.
- Keep backups.
Create regular backups and store the data on a system that is not connected to the main computer system. This way, if an attack occurs, your company will have a secure backup. This allows you to wipe the infected system without suffering a data loss or paying the cybercriminal.
- Keep all antivirus software and firewalls up to date.
This includes the operating system, the browser and all of the plug-ins that a modern browser typically uses. One of the most common infection vectors is a malicious exploit that leverages a software vulnerability. Keeping software up to date helps minimize the likelihood that your system has an exposed vulnerability. This does not offer complete protection, but it’s a good starting place.
Having a “layered approach” to security is one of the clichés of modern infrastructure, but for repelling ransomware, it should be taken seriously. Deploy a layered approach, utilizing technologies such as antivirus, web filtering and firewalls. Most businesses likely use these tools anyway, and more modern consumer security software has personal firewalls and web filtering alongside the more traditional antimalware.
- Train employees.
Many ransomware attacks begin when an employee clicks on a link or attachment in an email. All employees with access to company computers must be trained to scrutinize the legitimacy of emails received and to avoid clicking links in emails.
Ensure your employees’ privileges are locked down, which means companies should be watching or analyzing improper user activity. Employees should not be allowed to access their personal email or social media accounts from work.
- Implement a digital asset protection strategy.
Make a list of your important digital assets – from sensitive data to intellectual property. These are the items that make you most vulnerable to ransomware. Know where these assets are stored and how they are protected and backed up. If a criminal took these digital assets hostage, would you be vulnerable or prepared?
- Make sure you have cyber liability insurance, and that you understand what your policy will and will not cover.
If You’re Attacked
If your company is attacked, you’re in a rough spot. Here’s what you need to do.
- The FBI encourages ransomware victims to file a complaint with the Internet Crime Complaint Center.
- Get your cyber liability insurer involved immediately. Your insurer will have response protocol and expertise in responding to these threats.
- Choose whether to pay. The FBI does not recommend paying and points out that doing so does not guarantee that your data will be restored. However, faced with business interruptions, some companies have opted to pay.
Cyberattacks have quickly become one of the top risk management exposures facing businesses today. If you don’t yet have cyber liability insurance, now is the time to take a closer look. Ask your Higginbotham commercial insurance agent to explain your options.
Related: How cyber insurance works