Whether you own a business or work in your organization's security department, one thing is hard to deny: today's digital marketplace demands solid cybersecurity controls and procedures. Whether it is the password lockout policy that protects user accounts on a network or the staff hired to maintain and monitor your security posture, attack vectors keep evolving, and attackers work around the clock to steal your data.
But what happens if our systems are compromised anyway? How should security professionals protect the finances the business relies on to keep operating while it deals with a ransomware attack? If you have been asking yourself that question, here is why you should consider a business insurance policy that protects your organization during and after a ransomware attack.
For people who work outside cybersecurity, the possibility of a ransomware attack rarely crosses their minds, and when asked what a business should do if it becomes a victim, they are left scratching their heads.
In general terms, a ransomware attack is one in which an attacker encrypts data the victim depends on and demands payment for the key that decrypts it. To simplify, consider the following scenario: John Doe keeps documents containing his clients' full names, credit card numbers, home addresses, phone numbers, email addresses and social security numbers inside his car.
An attacker sees these documents and notices that John failed to lock his doors before heading into his home. That night, while John sleeps, the attacker gets inside the car, replaces the locks with ones only he has the key to, and waits. The next morning, when John tries to open his car to retrieve his documents, the attacker shows up and offers him the key for a hefty sum.
John now faces a tricky decision: does he pay the attacker to get his data back, or does he refuse, accept the loss and tell his customers about the attack? Although the illustration is somewhat comical, it is a dilemma that organizations, hospitals and clinics among them, face daily.
Who is at Risk?
To put it bluntly, every organization with a networked device is susceptible to a ransomware attack, although precise statistics are hard to pin down. Recent data shows, for example, that US-based healthcare facilities and hospitals suffer the most from ransomware. In these attacks, criminals gain an initial foothold through weak security and misconfigured services and use it to work their way into the inner workings of an organization.
From there they move laterally to other systems on the network, such as payroll, file servers and cloud services that store client information, account numbers and other sensitive data. Once they have reached the data they want, they encrypt it with strong encryption whose key cannot be recovered by brute force in any practical amount of time. Increasingly they also copy the data out of the network first, so they can threaten to leak it if the ransom is not paid. When the encryption is done, they leave a ransom note and contact management or the security team demanding payment in exchange for the decryption key.
Once paid (usually in Bitcoin or another cryptocurrency), many attackers do hand over a working key, because their business model depends on victims believing that payment works. But that is no guarantee: keys sometimes never arrive, decryptors are frequently slow or buggy, and a copy of the data may already be in the attacker's hands, so paying does not make the breach disappear.
But it does not have to come to that. Here are a few security controls that protect your data without paying criminals for their malicious behavior:
- Use strong, unique passwords, never reuse old passphrases, and turn on multi-factor authentication wherever it is supported
- Implement least-privilege policies so that one compromised account cannot reach every system and share
- Keep offline or immutable backups and regularly test that you can restore from them
- Educate your staff about phishing attempts, malicious links, impersonation and spear-phishing attacks
- Use implicit deny (default deny) rules on your firewall so that only explicitly allowed traffic passes
- Deploy intrusion detection, and write and rehearse a cybersecurity incident response plan
- Carry a ransomware business insurance policy sized to your organization's unique needs
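To make the intrusion detection bullet concrete, here is an added example (written for this page, not code from the original article or any vendor) of the kind of behavioural rule an intrusion detection or endpoint product applies to catch ransomware while it is still encrypting: a single process rewriting many files in a short window, most of them with high-entropy content or a telltale new extension, plus a "canary" file that nothing legitimate should ever write to. The file events, paths, process names, extension list, thresholds and canary path are all constructed assumptions for illustration.

```python
"""Heuristic ransomware detection over a constructed file-write event stream.

Added example for this page. The telemetry below is constructed, not real.
Three signals are combined so that no single one decides: a burst of writes by
one process, high-entropy content, and renames to a known ransomware extension.
A write to a canary (honeypot) file alerts on its own.
"""
import hashlib
import math
import os
from collections import defaultdict
from dataclasses import dataclass

# Illustrative values (assumptions); tune against your own file telemetry.
ENTROPY_THRESHOLD = 7.0        # bits/byte: plaintext is ~4-5, ciphertext approaches 8
SUSPICIOUS_EXTENSIONS = {".locked", ".encrypted", ".crypt"}   # example list only
BURST_FILES = 20               # writes by one process within WINDOW_SECONDS
WINDOW_SECONDS = 60.0
ENCRYPTED_RATIO = 0.8          # share of burst files that must look encrypted
CANARY_PATHS = {"/srv/share/finance/_do_not_touch.docx"}     # hypothetical honeypot


@dataclass(frozen=True)
class FileEvent:
    ts: float          # seconds since epoch
    host: str
    process: str
    path: str
    data: bytes        # first chunk of the content written


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte of `data` (0.0 for empty input)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


def looks_encrypted(event: FileEvent) -> bool:
    """Content-level signal. Caveat: compressed formats (zip, docx, jpeg) also
    score high on entropy, which is why detect() also requires a burst."""
    ext = os.path.splitext(event.path)[1].lower()
    return ext in SUSPICIOUS_EXTENSIONS or shannon_entropy(event.data) >= ENTROPY_THRESHOLD


def detect(events):
    """Return alert dicts: canary writes, then one encryption-burst alert per actor."""
    alerts = []
    by_actor = defaultdict(list)
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.path in CANARY_PATHS:
            alerts.append({"type": "canary_write", "host": ev.host,
                           "process": ev.process, "path": ev.path})
        by_actor[(ev.host, ev.process)].append(ev)

    for (host, proc), evs in by_actor.items():
        start = 0
        for end in range(len(evs)):               # sliding time window over this actor
            while evs[end].ts - evs[start].ts > WINDOW_SECONDS:
                start += 1
            window = evs[start:end + 1]
            if len(window) >= BURST_FILES:
                enc = sum(looks_encrypted(e) for e in window)
                if enc / len(window) >= ENCRYPTED_RATIO:
                    alerts.append({"type": "encryption_burst", "host": host,
                                   "process": proc, "files": len(window)})
                    break                         # one alert per actor is enough
    return alerts


def _ciphertext(seed: int, size: int = 1024) -> bytes:
    """Deterministic high-entropy bytes standing in for ciphertext (constructed)."""
    out, counter = b"", 0
    while len(out) < size:
        out += hashlib.sha256(f"{seed}:{counter}".encode()).digest()
        counter += 1
    return out[:size]


def sample_events():
    """Constructed telemetry: a benign backup job and a ransomware-like process."""
    t0 = 1_700_000_000.0
    evs = []
    # Benign: a backup job rewrites 25 plaintext reports in one minute. That is a
    # burst, but the content is low-entropy, so it must not alert.
    for i in range(25):
        evs.append(FileEvent(t0 + i, "fs01", "backup.exe", f"/srv/share/reports/q{i}.txt",
                             b"Quarterly revenue summary, see attached table.\n" * 20))
    # Malicious: a look-alike process rewrites 25 spreadsheets as ciphertext and
    # appends a ransomware extension, then touches the canary file.
    for i in range(25):
        evs.append(FileEvent(t0 + 300 + i * 0.5, "fs01", "svch0st.exe",
                             f"/srv/share/finance/invoice{i}.xlsx.locked", _ciphertext(i)))
    evs.append(FileEvent(t0 + 320, "fs01", "svch0st.exe",
                         "/srv/share/finance/_do_not_touch.docx", _ciphertext(99)))
    return evs


if __name__ == "__main__":
    for alert in detect(sample_events()):
        print(alert)
```

The design point is the combination: entropy alone fires on every zip and photo, a write burst alone fires on backups and builds, and an extension list is trivially evaded by renaming. Requiring a burst where most files look encrypted, and backing it with a canary that no legitimate job touches, gives a rule that survives the benign backup job in the sample while still catching the encrypting process within seconds of it starting.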
While these controls are not foolproof, together they are the best way to keep your architecture and data from being compromised. And at the end of the day, the most frequently exploited entry point into an organization is its employees. Make a consistent effort to educate your workers and show them how much their actions matter to the company's security: a single accidental click or seemingly harmless download can infect the network and bring the organization to a halt.
Ransomware Insurance Policies for Businesses
Although we would like to think our security will protect the organization 100% of the time, the reality is that on a long enough timeline every business will be compromised. Rather than hoping for the best, why not explore business insurance policies designed for ransomware attacks? Policies differ, but here is what you can typically expect them to cover:
- Funds for forensic investigation costs
- Help paying breach-related fees
- A financial buffer for revenue lost while systems are down
- Compensation for damaged hardware and software
- Additional capital to cover legal fees and documentation
Each of these areas can cost tens of thousands of dollars and thousands of hours of work. Knowing this, your organization should consider an insurance policy that covers the "what-if" scenario, and read it closely before signing: many insurers now require baseline controls such as multi-factor authentication, offline backups and endpoint protection before they will write a policy, and policies often carry exclusions and sub-limits, including on the ransom payment itself. Whether you are a small mom-and-pop business operating out of your basement or a multi-million-dollar organization with an international client base, ransomware is a real threat. If your business stores sensitive data, attackers want to steal it from under your nose.