Several cyberattacks made headlines in 2017. Incidents like the WannaCry ransomware infection and the Equifax data breach don’t appear to be flukes. Instead, they’re part of a bigger trend, and one that’s expected to continue through 2018. And hackers aren’t the only online threat. Infringement of intellectual property, defamation and other perils await anyone doing business online.
Computer viruses can infect a single computer or an entire network after one wrong click. Also called malware, computer viruses can slow computers down or prevent them from working entirely. Viruses can also steal private information, and infected computers may send emails to contacts in order to spread the virus.
There are many types of computer viruses, but in 2017, ransomware received the most attention. This particular class of malware works by encrypting files on an infected system. The hackers behind the attack then demand a ransom to release the files. Many businesses pay the ransom to end the threat of business interruption. However, this doesn’t always work, and the files may be lost forever despite payment.
Ransomware attacks have been on the rise, and in some cases, they may even be backed by foreign governments. The WannaCry attack alone infected hospitals and other organizations around the world. In a Wall Street Journal article, Thomas Bossert, an assistant to President Trump for homeland security and counterterrorism, stated that the WannaCry attack “was widespread and cost billions, and North Korea is directly responsible.”
Data breaches have been another troubling trend. The Equifax data breach, which exposed the Social Security numbers of 143 million Americans, made headlines, but it was far from the only incident.
When a company suffers a breach, it can face reputational damage. The company may also experience direct loss due to the cost of notifying affected customers and paying for credit monitoring services. Companies may also face lawsuits. According to Consumer Reports, more than 50 class-action lawsuits have been filed against Equifax over its breach. Organizations that handle protected medical information may also face HIPAA fines after a breach. Presence Health agreed to pay $475,000 for violating the HIPAA Breach Notification Rule.
According to the Pew Research Center, 70 percent of Americans now use social media. Many consumers expect to be able to reach companies online through social media, and many companies find that social media is an excellent way of engaging with their customers.
However, this trend is not without its risks. Due to the nature of social media, information can spread very quickly, and in the era of “fake news,” this is not always a good thing. Companies may find themselves faced with claims of defamation or instances of intellectual property infringement.
Prevention is the best strategy.
- Train all employees to identify and avoid risks, including phishing emails and dangerous links.
- Keep computer and Wi-Fi systems up to date and secure. Download security patches as soon as they’re available and use anti-virus software and firewalls.
- Require employees to use strong passwords and to keep USB flash drives, laptops and other portable devices secure.
Good cyber practices make a cyber incident less likely, but they do not eliminate the threat entirely. Business also need to plan for an attack.
- Back up essential files on a separate system in case a virus infection occurs.
- Create a response plan, which should include how to notify customers of a breach.
- Use cyber liability insurance to transfer risk.
To learn more about your cyber insurance and risk management options, contact the experts at Higginbotham.