Cyber Liability is a burgeoning area of insurance in a world where so much of our data is kept in the cloud. We’ll share a blog about this soon. Yet, even more specifically, Cyberattacks like the “WannaCry” Ransomware that took the world by storm…we’re not exaggerating here…it had a GLOBAL impact in over 150 countries and losses of around $14 billion…are perhaps even more menacing because they are so aggressive in nature.
If you use a computer in your business, you need coverage for ransomware attacks. We offer that coverage.
Here’s how it works. Your network is compromised, possibly without you even knowing it. An email attachment or download may have infected your network with ransomware. In the case of “WannaCry,” the source was actually developed by and stolen from the U.S. National Security Agency. It primarily impacted users that had not installed the Microsoft Windows XP update that had recently been released to protect from this vulnerability.
Once your network is opened, hackers lock down all of your access to your information and post a ransom message on the front page, requiring you to pay them an amount of Bitcoin–an untraceable digital payment system–in order to retrieve your data. Then you have the choice to either pay or not pay.
It’s not a great choice. But before we get to that, let’s talk about the choices you can make to potentially prevent this type of attack in the first place.
Prevent an Attack
- Recognize Your Weakness. This does not only impact large businesses. In fact, moderately sized businesses are likely more vulnerable because they often don’t have the resources to have in-house security or a dedicated anti-hack unit. The Insurance Information Institute says that more than 60% of these attacks are aimed at modest-sized businesses.
- Educate Employees. Software updates are annoying. There is no doubt. Waiting to open an attachment or click on a unknown download can feel burdensome. Yet, employees who neglect to do either of these things can unknowingly jeopardize the entire company. Make sure employees are aware of the consequences of these actions.
- Invest in Prevention. Create a system for backing up data with frequency. Make it automatic as much as possible so that human error can’t derail your plan. Having an accessible and complete copy of all of your data renders the ransomware useless. Businesses should also run through a practice scenario to put a system in place for what happens in case of an attack. Though this takes time away from running your business, having a clear plan can make an attack infinitely less impactful.
Recover from an Attack
Of course no matter how diligent you are, the day may come that your business comes under attack from ransomware. In that case, recovering from the attack becomes your priority.
- Do NOT Pay. It’s tempting to think that the loss your company will sustain from paying the ransom is much less than the loss of business by not paying and losing your data. While that is most likely true, paying feeds into the hacker culture, making this type of attack more prevalent AND there are absolutely no guarantees that paying will release your data free and clear.
- Check Your Insurance. The losses to your business and recovery from this type of hacking can be incredibly expensive and time-consuming. Having a policy to specifically protect you from a ransomware attack is a wise investment.
Please check with your agent about your options for this type of coverage. It’s easy to think that it won’t happen to your business but the reality is…it could. Protect your business today.