As IT systems and data play increasingly important roles in business, opportunities for cybercriminals continue to grow. For the first time, the annual Allianz Risk Barometer Report found cybercrime to be the number one concern for companies around the globe.
The increase in concern over cybercrime coincides with a rise in the number of ransomware attacks—and the dollar amount of payouts. A quick search of ransomware attacks in 2019 reveals that some 55 percent of SMBs in the United States were forced to pay hackers following an attack.
Unfortunately, experts believe that ransomware trends for 2020 will continue in this direction with attacks becoming more sophisticated and harder to defend against—for organizations of every shape and size.
The potential consequences of a ransomware attack extend beyond temporary business interruption and can impact your brand reputation, result in lost business, regulatory fines, and lawsuits, not to mention the costs of incident response, bitcoin payments, and operational recovery. To mitigate the ransomware threat and its resulting costs, it’s vital to have strong cyber risk management practices in place as well as cyber insurance.
With nearly 20 years of experience providing cyber risk assessment and data breach services, NetDiligence is a trusted provider of cyber risk solutions for enterprises and leading cyber insurance carriers. In this post, we draw on our experience to help your team bolster cyber readiness to defend against ransomware attacks.
The Growing Ransomware Threat
Ransomware is an ugly component of cybercrime that began menacing businesses around 2006. Since then, these attacks have cost businesses, government agencies, healthcare organizations, schools, and private individuals billions of dollars.
There are two main types of ransomware: crypto-ransomware and locker-ransomware.
In a crypto-ransomware attack, cybercriminals encrypt valuable files, folders, and whole drives on a device so users cannot access them. The attacker then demands a payment (i.e., extortion) for the decryption key needed to recover the files. One of the most infamous and destructive examples of this type of ransomware was the 2017 WannaCry attack.
Although now less common, the second type, locker-ransomware, can still cause great damage to an organization. In this type of attack, cyberthieves lock users out of the device's screen or operating system rather than encrypting the underlying files. Because the data is usually left intact, a clean rebuild of the machine can often recover it without paying.
What’s the Potential Cost?
As per NetDiligence’s own Cyber Claims Study which analyzed more than 1,000 cyber claims, almost half of these cases originated from ransomware attacks.
Our Cyber Claims Study also found that the average cost for a ransomware event was $150k for small and medium enterprises. For large companies, the cost can be much greater with criminals demanding millions of dollars in ransom payments.
Unfortunately, the cost of a ransomware attack typically doesn’t end when the ransom is paid. Even after an attack, lost business income and recovery expenses are likely to continue impacting your business. Recovery expenses can include:
- Restoring encrypted data from a backup data repository
- Paying the ransom (usually demanded in Bitcoin)
- Hiring a Breach Coach® lawyer
- Hiring a computer forensic investigation team
- Notifying clients
- Defending against any litigation or regulatory enforcement actions resulting from the incident
Who’s at Risk?
No organization is immune to the risk of ransomware attacks. From professional services to finance, healthcare, and education, ransomware has caused damages in every industry, public and private.
The 2017 WannaCry attack is an excellent example of the indiscriminate nature of ransomware. Several governments attributed it to a North Korean state-sponsored hacking group. It spread as a self-propagating worm through a Windows SMBv1 vulnerability that Microsoft had patched two months earlier (MS17-010), so it did not need to pick its victims: rail operators, hospitals (most visibly the UK's National Health Service), public utilities, and thousands of ordinary businesses were all held hostage by the same malicious code. It is estimated the event cost $4 billion in damages across the globe.
It’s also a mistake to think that only large organizations that have supply chain networks or possess sensitive information are at risk. Our Cyber Claims Study found that 96 percent of claims come from companies with less than $2 billion in annual revenue, while data from CIO suggests the majority of cyber breaches occur at companies with fewer than 1,000 employees.
When it comes to valuable data being the target, companies need to realize that you don’t have to manage health records or tax documents for data to be valuable to hackers. Customer personal information, payment records, and vendor account info can all be held up for ransom at great expense to your business.
Don’t Wait to Be a Victim
Simply having up-to-date anti-virus software installed on your machines doesn’t cut it anymore. Threat exposures continue to evolve, and your cyber defenses need to as well. To safeguard business operations and the data your organization is responsible for, you need to have next-generation malware protection installed on servers, laptops, smartphones, and any other system end-points. Some actions that can help bolster your cybersecurity include:
- Closing Remote Desktop Protocol (RDP) ports to the internet, or placing RDP behind a VPN or gateway that requires multi-factor authentication, to deny cybercriminals easy access to your network. Internet-exposed RDP with weak or reused passwords is one of the most common ransomware entry points.
- Segmenting your networks so that groups of users, applications, and systems live on separate infrastructure, and a breach of one is not a breach of all.
- Improving authorization and access control with two-factor authentication and least-privilege network permissions, so a single compromised account cannot reach and encrypt everything.
- Backing up important data to offline or otherwise isolated storage (not a share the same credentials can reach), keeping more than one copy, and testing restores regularly so cybercriminals cannot encrypt or delete your only dataset.
- Training employees to set strong passwords, protect company and personal information, recognize phishing emails (‘think before you click’), and other best cyber practices.
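The backup step above is the one most worth rehearsing, because a backup that has never been restored from, or that sits on a share the attacker can also reach, is not really a backup. The following Python drill is an added example and not NetDiligence code: it builds a constructed sample data directory, takes a backup with a SHA-256 manifest, simulates a crypto-ransomware event that overwrites and renames the live files, then checks whether the backup survived and whether a restore reproduces the original data bit for bit. All paths, file names and contents are constructed for the demo; the `backup_reachable` flag is a hypothetical stand-in for a backup mounted on the same network as the victim.

```python
"""Backup-and-restore drill for the "back up important data" step.

Added example, not NetDiligence code. Sample data, paths and the
backup_reachable flag are constructed for the demonstration.
"""
import hashlib
import os
import shutil
import tarfile
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Hash a file in chunks so large files do not have to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def take_backup(data_dir: Path, backup_dir: Path) -> dict:
    """Archive every file under data_dir and write a {relative_path: sha256} manifest."""
    backup_dir.mkdir(parents=True, exist_ok=True)
    manifest = {str(p.relative_to(data_dir)): sha256_of(p)
                for p in sorted(data_dir.rglob("*")) if p.is_file()}
    with tarfile.open(backup_dir / "backup.tar", "w") as tar:
        for rel in manifest:
            tar.add(data_dir / rel, arcname=rel)  # relative names only, no absolute paths
    with (backup_dir / "manifest.sha256").open("w") as f:
        for rel, digest in manifest.items():
            f.write(f"{digest}  {rel}\n")
    return manifest


def load_manifest(backup_dir: Path) -> dict:
    """Parse the manifest back into {relative_path: sha256}."""
    manifest = {}
    for line in (backup_dir / "manifest.sha256").read_text().splitlines():
        digest, rel = line.split("  ", 1)
        manifest[rel] = digest
    return manifest


def verify_tree(data_dir: Path, manifest: dict) -> list:
    """Return relative paths that are missing or whose hash differs from the manifest."""
    return [rel for rel, digest in manifest.items()
            if not (data_dir / rel).is_file() or sha256_of(data_dir / rel) != digest]


def simulate_ransomware(target_dir: Path) -> int:
    """Demo only: overwrite every file with random bytes and add a .locked suffix."""
    n = 0
    for p in list(target_dir.rglob("*")):
        if p.is_file():
            p.write_bytes(os.urandom(p.stat().st_size + 16))
            p.rename(p.with_name(p.name + ".locked"))
            n += 1
    return n


def backup_is_usable(backup_dir: Path) -> bool:
    """True if the archive and manifest survived; a backup the attacker could reach will not."""
    try:
        load_manifest(backup_dir)
        with tarfile.open(backup_dir / "backup.tar"):
            pass
        return True
    except (OSError, ValueError, tarfile.TarError):
        return False


def restore(backup_dir: Path, data_dir: Path) -> list:
    """Wipe data_dir, extract the backup, and return files that still fail verification."""
    manifest = load_manifest(backup_dir)
    shutil.rmtree(data_dir)
    data_dir.mkdir()
    with tarfile.open(backup_dir / "backup.tar") as tar:
        try:
            tar.extractall(data_dir, filter="data")  # refuses path traversal (Python 3.12+)
        except TypeError:  # older Python without the filter argument
            tar.extractall(data_dir)
    return verify_tree(data_dir, manifest)


def run_drill(backup_reachable: bool = False) -> dict:
    """End-to-end drill; returns the counts a report or test would check."""
    root = Path(tempfile.mkdtemp(prefix="ransomware-drill-"))
    data, backup = root / "live", root / "backup"
    (data / "reports").mkdir(parents=True)
    # Constructed sample files standing in for customer records and a report.
    (data / "customers.csv").write_text("id,name\n1,Ada\n2,Grace\n")
    (data / "reports" / "q1.txt").write_text("Q1 revenue summary (constructed)\n")
    manifest = take_backup(data, backup)
    encrypted = simulate_ransomware(data)
    if backup_reachable:           # backup on the same share: the attacker encrypts it too
        simulate_ransomware(backup)
    damaged = verify_tree(data, manifest)
    usable = backup_is_usable(backup)
    failures = restore(backup, data) if usable else list(manifest)  # no backup: all lost
    shutil.rmtree(root)
    return {"files": len(manifest), "encrypted": encrypted, "damaged": len(damaged),
            "backup_usable": usable, "restore_failures": len(failures)}


if __name__ == "__main__":
    print("isolated backup:", run_drill(backup_reachable=False))
    print("reachable backup:", run_drill(backup_reachable=True))
```

Running the drill with an isolated backup reports every live file damaged and zero restore failures; running it with a reachable backup reports the backup unusable and every file lost, which is the outcome the "offline or isolated storage" advice exists to prevent. The manifest check matters as much as the archive: a restore that completes without errors but yields different bytes is still a failed restore.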
Even with the best preparation, no network is invulnerable to determined attackers. That’s why it’s vital to regularly assess your cyber risk and cover exposures with cybersecurity insurance.
Improve Your Cyber Readiness with NetDiligence
At NetDiligence, we partner with the leading cyber breach lawyers in the country, seasoned breach coaches, computer forensics groups, and other industry experts to create the best possible cyber defense resources available that minimize losses in the event of an attack.
Our cyber services support both insurers and their policyholders to maximize cyber readiness.
For more anti-ransomware tips, please see Must-Have Ransomware Safeguards, a NetDiligence call-to-action paper inside the eRiskHub®.