Ransomware attacks & cyber security insurance (part 1 of 2)
In this Part 1, we will discuss what damages ransomware can inflict, three types of ransomware, three ways of getting infected with ransomware and cyber liability insurance protection. The next blog, as Part 2, we will discuss the pros and cons for paying ransom, preventive measures, and again the importance of having proper cyber liability insurance coverage.
Damages to entities by increased ransomware attacks
Ransomware has taken businesses by storm.
A ransomware attack can spread when the infected file is opened on a computer connected to the network. Once a device is connected, the attack will spread quickly through the network infecting all PCs.
The 2017 “WannaCry” attack affected more than 200,000 victims in 150 countries. Over the past years, there has been a steady increase in ransomware attacks, and small businesses are becoming increasingly the primary targets since they tend to spend less on cyber security hence more vulnerable for hacks.
About 70% of ransomware attacks were targeted towards small businesses in 2018, according to Beazley Breach REsponse Services. “Business detections of ransomware rose 365% from Q2 2018 to Q2 2019, ”according to TechRepublic.
According to the FBI, in 2018 The Internet Crime Complaint Center (IC3) received 351,937 complaints,1,493 of which had losses over $3.6 million, with a total financial losses of $2.7 billion.
Many states’ laws about data breach require informing consumers about any breach of their data by theft or unauthorized access, ransomware attacks may or may not be subject to the same disclosure rules. This could mean that many ransomware attacks are not reported. Businesses are not motivated to let the public know about being a victim of ransomware in order to avoid losing their customers’ trust. The devastation caused by ransomware includes but not limited to:
- Loss of data, revenue, reputation, and potential lawsuits
- Costs for recovery and replacement
- Paying for management IT and other measures of cyber security
Types of ransomware
Ransomware as a form of malware is a type of cyber-attack that can infiltrate all types of computer devices such as desktops, laptops, smartphones and tablets. Anyone can be a victim – businesses, government entities, corporations, nonprofits, or individuals.
- Encrypting Ransomware
Encrypting ransomware is getting to be the most dangerous type because after data is encrypted, as of now, there is no other way to regain access to the data and/or device unless paying the criminals the ransom. (Note: there is no guarantee that the data will be given back even after payment is extorted.)
The encrypting malware can encrypt sensitive data, even files in Cloud, accessible by a computer device and a network. After the files are encrypted, they cannot be opened. Often, a pop-up message such as “Oops your files have been encrypted” will show on the screen, and it will direct paying an amount of money, from several hundred to tens of thousands or more, in bitcoin or crypto-currency, before a code for decrypting the files will be released (hopefully.) The “penalty” for not paying the criminals within a timeframe their demanded ransom is the threat of deleting all the encrypted files.
- Screen Lockers
By locking down the operating system, cyber criminals make recovery of their data the condition for extorting a ransom.
The criminals scare users into paying a ransom with false claims, such as a popup message saying that your device is infected with a virus and that a payment must be paid now to fix the problem.
The 3 common ways to become victimized by ransomware:
- Email attachments: Ransomware can be delivered via a phishing email that appears legitimate but contains an infected attachment, such as a PDF or Word document. Upon opening the attachment, a small software program embedded in the document automatically installs the ransomware. About 88% of malicious emails used attachments to infect computers with ransomware, as reported by Symantec.
- Email links: Phishing emails can have links to websites which contain malware. Once such a link is clicked, the computer is automatically infected by ransomware, sometimes even without the user’s awareness.
- Infected websites: Just navigating on an infected website can get a device infected with ransomware. Cyber criminals either create a viral website or hack a website to deliver ransomware.
Cyber liability insurance and ransomware coverage
Buying cybersecurity insurance policy that covers ransom money, repair and other extortion-related expenses is a small investment that can save large amounts of money, revenue loss caused by computer downtime, and perhaps most importantly, an entity’s reputation.
Other policies covering business interruption or extortion may also cover losses resulting from ransomware, – talk to us to find out the details.
Notify us, or your insurer before paying a ransom, otherwise it may not be covered.
A true story: a strong tech company made software for schools to track attendance, with a good, strong system that comes with lots of protection and strong controls.
One employee took his laptop to a coffee shop and accessed work from the coffee shop’s free Wi-Fi, and the bad guys got in EASILY!
The Ransomware got in and stayed silent for 3 months, lying-in-wait, undiscovered.
Then it activated, and copied all the files in the system for 3 weeks before it was discovered.
Once the files were encrypted by the criminals, they demanded $600k as a ransom to release.
Fortunately, the school district had bought cyber liability insurance. The insurance company tried to negotiate down to $500k, but the hackers then demanded $700k, $800k, then $1.2mil. The insurance company declined and shut the database down.
It costs the insurance company $500k to re-create the database from paper files, to rebuild the backup.
In the next blog, as Part 2, we will discuss the pros and cons for paying a ransom, preventive measures, and again the importance of having proper cyber liability insurance coverage.
We are the Extra-milers to protect businesses and properties
The Rick Callaway Team is known as the Extra Milers in protecting your business, employers, employees, and assets. We leave no stone unturned to get you the best deal. No under-coverage. No overpricing. Fast turnaround, and most of all, we have board level business acumen for understanding your business operations and customizing coverage. Please call us for a free consultation: 925 788 5558 or email us at: firstname.lastname@example.org.