Ransomware is malware that blocks access to a computer or its data until the owner pays a ransom. Depending on the encrypted data, you can be required to pay thousands of dollars.
One of the major factors leading to increased ransomware attacks has been the COVID-19 pandemic. As organisations adopt hybrid and remote work models, they are forced to accelerate their digital infrastructure.
However, many businesses fail to train employees to manage company data while working from home. This has further exposed them to cyberattacks. As a result, affected individuals and companies spent around $20.9 million on ransomware in 2020, 200 times more than in 2019.
Today, there is greater awareness in the public domain about the risks of a ransomware attack than before. Yet, some organisations don’t have sufficient knowledge or resources to prepare them against a cyber attack. Is your company one?
This article will introduce you to the nature of cyber risk and ransomware attacks, and how you can protect your business or firm against cyber threats.
Are you prepared for an attack?
The first known instance of a ransomware attack occurred in 1989 when Joseph Popp distributed 20,000 floppy disks containing a trojan virus at the World Health Organization AIDS conference. The virus was programmed to hide all directories on the affected computer after booting up to 90 times. After that, the victims were directed to mail $189 to an address in Panama.
Thirty-three years since that time, ransomware attacks are now at a crisis level. Ransomware attackers can confidently infect IT companies with viruses and cause significant business interruptions.
Kaseya, an IT solutions company, announced on July 2, 2021, that its systems had been compromised and were experiencing a cyber security breach. As it turns out, the attackers made away with a steal of approximately 1,500 organisations’ data through Kaseya’s database. They demanded $70 million worth of Bitcoin in exchange.
What’s worse is that the nature of ransomware attacks continues to change as technology advances, and therefore companies and organisations’ cyber liability continues to rise. For instance, cyber criminals now leverage increased digital communication and electronic content between co-workers and executives.
Ransomware attackers now use fake personas to impersonate executives and communicate with vulnerable employees. That way, they can extract sensitive information like enterprise passwords that enable easy compromise of its system.
Another deadly instance of the advanced nature of ransomware attacks is remote-controlled malware like Bitpaymer, REvil, and Ryuk.
They are more effective than NotPetya and WannaCry, the traditional, and “more publicised” ransomware strains. Practically, the remote-controlled malware is programmed so that the attacker can initiate an evasive response and bypass security controls as it interacts with the victim in real-time. This poses a big challenge for companies with a weak incidence response plan.
In addition, cyber criminals are making it more difficult for organisations to manage ransomware attacks with the emerging trade of ransomware-as-a-service. This is ransomware software built by criminals based on their years of practising the attack. The software is sold to other hackers who can quickly deploy it to unprotected enterprises.
Cyber criminals are not honest or noble people. This is why paying a ransom is rarely the right solution for a ransomware attack. Sometimes a ransomware victim does not receive the decryption tool even after paying. And when they receive a decryption tool, only 93% of data is recovered from a ransomware attack.
Furthermore, only 29% of victims could restore all their encrypted or blocked files following a cyber event. This means the organisation may forever remain at the mercy of the criminal or spend considerable sums to overhaul its cyber security architecture in the wake of cyber crime.
This is why your organisation must be prepared to resist a cyber incident at all times by following the tested tips below.
Three tested tips to prepare for cyber threats and business interruption
To prepare for a ransomware attack, you need to know where your potential exposure points are, keep up to date with cyber incidents and consider cyber insurance.
Let’s discuss our top tips below.
1. Identify the risk
Identifying where your system security may be at risk is a great way to stay one step ahead of a potential attack and also allows you to access a cyber insurance policy with adequate coverage.
There are three steps to identify cyber security risks in your organisation; they include:
Identify assets
Ransomware hackers typically target company assets, which include electronic data of all kinds, including personally identifiable information. This data can be extracted from humans (employees) or software.
To assess your risk exposure to a ransomware attack, you must first identify your assets and prioritise those you must protect. Often, companies value protecting their customers’ data and their own intellectual property, which can both be put at risk of a cyber incident.
Although identifying company assets can be tricky, understanding what kind of data your organisation stores and the consequence of cyber extortion will help you establish a clear picture of which assets to prioritise.
Good to know: if you have an existing cyber insurance policy, Barrack Broking can offer services to review the policy wording is adequate in covering your assets.
Identify threats
Identifying threats involves looking into internal and external factors that can put your assets at the risk of a cyber breach. For example, an outdated anti-malware is an internal threat or an employee who uses the same password for the enterprise network and their social media accounts.
External threats like computer hacking and remote desktop access will prey on internal risks to steal passwords or install malware that will infect all connected computers and block access.
Identify vulnerabilities
Identifying flaws in your company’s security system helps you understand the type of cyber attack or computer hacking you are susceptible to. For example, an employee who is not aware of the psychology of phishing attacks or social engineering can be subjected to an attack that could result in a privacy breach, lost data and financial losses.
Once you know this, it is easy for you and your cybersecurity team to develop a strategic plan to prepare against a ransomware attack.
2. Manage your cyber risk
Managing the risks of ransomware involves setting up an information security protection plan that puts you ahead of the attackers.
We recommend the following:
Install the latest anti-malware
The right anti-malware software can prevent many types of cybercrime, provided that you install it before the virus infects your computer system.
Anti-virus software is an age-old solution for most cybersecurity concerns. However, they may be ineffective against a ransomware attack that has already infected your system.
If you have a next-generation anti-malware installed, it can easily detect remote access activities, key loggers, and other malicious activities that often occur with a ransomware attack.
In addition, you want to install the anti-malware software on all your mobile and desktop devices within the business to prevent malicious access in all its forms.
Enrol employees in information security awareness training
In any information system, a human is the weakest link; the success of the most common cyber-attacks relies on human vulnerability.
A human may become vulnerable to a cyberattack if they expose sensitive information online, fall for a phishing email, use weak, repeated, or generic passwords, etc.
And suppose this human happens to be your employee. In that case, cybercriminals can easily prey on their weakness to infiltrate your organisation’s system.
Therefore, enrolling your employees in information security awareness training is an effective way to curb vulnerability to cyberattacks.
An information security awareness training is designed to educate employees on the nature and types of cyberattacks, cyberattack techniques, and how to protect their digital footprint against criminals.
The Australian Cyber Security Centre has set up an Alert Service, which can help provide online security information that is easy to understand, to help protect and inform your employees of different cyber threats and cyber attacks to be wary of.
Setup a Role-Based Access Control (RBAC)
RBAC involves restricting network access to specific employees based on their role within the organisation. It is an effective way to manage the potential for a cyber attack because you can assign a confidential asset to an employee who can guarantee its safety. This helps reduce your data liability.
Data breaches, even something such as accessing or distributing the wrong file, can amount to enormous third party costs, affect public relations attract regulatory fines, which can cripple any business, especially small businesses. That way, an employee works only with the information they need without potentially exposing critical assets.
3. Prepare your contingency plan
Preparing a contingency plan ensures that your data is safe and recoverable in the event of a cyber breach or cyber attack.
You can prepare a contingency plan in two ways:
Data backup and incidence response
Creating a backup of your company data is a great way to avoid paying ransom to cyber attackers because you can quickly restore data and get your employees back to work.
It’s best to choose a cloud backup over a local backup. This is because a local backup can also be infected by ransomware if the malware is deployed into the systems for a long time. However, cloud storage is more reliable since it is managed by a third-party company and can be easily retrieved at any time.
In addition, your company’s IT unit can set up an incidence response plan based on the outcome of their risk assessment.
An incidence response plan contains a predetermined set of instructions or procedures to detect, respond to, and limit the consequences of a malicious cyberattack against an organisation’s information systems.
Typically, an incident response team is established to immediately respond to and intercept cyber incidents, which can extend as far as managing public relations, particularly if the cyber event resulted in a data breach.
Cyber Insurance
A Cyber liability insurance policy can cover the costs of a ransom payment and is your final option to restore your company data from a ransomware attack. Like other insurance policies, cyber liability insurance is set aside so a company can quickly meet the demands of cybercriminals.
How much do you know about your company’s data, financial situation and business risk?
Do you have a cyber policy amongst your business insurance arrangements?
We recommend you work with your insurance adviser to consider your exposure and understand your current IT security before proceeding.
Conclusion
Ransomware attacks are on the rise and pose a serious threat to businesses of all sizes.
The first step in preparing your company or small business against a ransomware attack is identifying the risk associated with your company assets.
Once you know what you’re working with, you can start managing the risks with anti-malware programs, employee training, and role-based network access.
Finally, make sure you have a cloud-based data backup and cyber insurance policy in place so that if there are cyber incidents, you’re prepared.
Do you have questions about ransomware, how a cyber incident can affect your business or cyber liability insurance?
Chat with a professional insurance broker at Barrack Broking today for expert advice.
