In an age where we depend on technology for so many aspects of our everyday lives, cyber-attacks are almost expected. Through technology, we retain, send, and receive all kinds of data, some of which can contain valuable, sensitive, or classified information. With all this data being virtually accessible, it is no surprise that when asked what type of business loss they are most concerned with, our clients resounding response is, “I’m worried about what happens if our data gets hacked and distributed.”

While cyber-attacks have been a real exposure for all since its emergence in 1999, the current pandemic has significantly increased their frequency and severity. Below are just a few of the current statistics keeping us up at night:

  1. The number of unsecured remote desktop machines has risen by more than 40%
  2. Remote Desktop Protocol (“RDP”) Brute-Force Attacks grew 400% in March and April alone
  3. Email frauds related to COVID-19 surged 667% in March alone
  4. More than 530,000 Zoom accounts sold on dark web
  5. 2,000% increase in malicious files with “Zoom” in the name

Travelers Insurance Company, who has been running an annual Cyber Risk survey since 2014, claims that this year has had the highest percentage of victims of a cyber event, with 1 in 4 respondents, out more than 1,200 business leaders surveyed, expressing falling victims to one. Additionally, many of those survey participants admitted to not purchasing cyber liability insurance and, further, broke open a Pandora’s box by also admitting to not implementing standard protection against cyber-attacks, including “cybersecurity awareness training, using virtual private networks (VPNs) with multi-factor authentication, enhancing cybersecurity monitoring and early warning protocols and implementing endpoint detection and response (EDR) solutions.” Unfortunately, with the pandemic creating so much havoc, implementing cyber security may not be the priority that it should.

However, the pandemic continues and so does the potential for cyber-attacks from cyber criminals that are using sophisticated mechanisms to infiltrate corporate networks and cause some serious cyber damage. Ransomware was brought into headlines again recently, when the insurance broker, Arthur J. Gallagher, reported a ransomware incident that forced them to temporarily shut down. With the pandemic, the trend we are seeing is for higher monetary ransom demands and longer length of times for companies to recuperate from ransomware. Here is what you need to know about it and what you can do to have some peace of mind.

What is ransomware?

Ransomware is a form of malicious software (“malware”) used by cyber criminals. When cyber criminals obtain access to a victim’s network, they can use that access to steal data or commit fraud. They can also launch a ransomware attack, which will encrypt the victim’s computer systems and data. The criminals then demand a ransom in return for a decryption key.

What businesses are at risk?

Businesses of all sizes and industries are fair game for cyber criminals.

Can law enforcement assist ransomware victims?

Per the FBI, it is recommended you contact law enforcement as soon as possible to increase the chances of finding the criminal behind the attack. However, they are unable to assist in the recovery of any stolen data.

How are ransom payments made?

Ransomware demands are typically given in cryptocurrency. Payments are usually facilitated by a third-party vendor, who also helps with negotiations.

Is insurance available for ransomware?

Yes! Depending on your policy, coverage can include payments for the ransom, costs of data restoration, lost income due to business interruption, and expenses relating to legal, digital forensics, and public relations services.

We understand that the above is overwhelming but there are several steps you can take to protect your data and hopefully make you less of potential victim:

  • Work with your IT department to execute basic prevention strategies to protect your data as best as possible.
  • Train your employees. Teach them to recognize and report suspicious emails.
  • Disable Microsoft Office macros. Though macros are often time disabled by default, if active, they can execute an attempt to install ransomware.
  • Block Remote Desk Protocol. If it is not required, block it as ransomware attacks can be initiated via Remote Desk Protocol.
  • Strengthen controls over privileged access. You can do this by requiring privileged users to use stronger passwords and having separate admin accounts. Also, strongly recommended, is requiring multifactor authentication for privileged access.
  • Leverage open-source intel. Stay current on tools and techniques used by ransomware attackers to better protect your network.
  • Review and test backup recovery capabilities. Make sure this is secure and hackers cannot get access and encrypt or delete your backup data. Test your recovery once a year to sure that, if needed, your backups will be available.
  • Work with your insurance broker to identify cyber vulnerabilities and put in place a cyber liability insurance program addressing any gaps in coverage

Nobody wants to be a victim of a cyber-crime and, as outlined above, there are ways to mitigate the risk. If you have questions, reach out to your advisor or connect with them in HRX, and allow them to address questions or concerns you may have. Lastly, if you do not already have a cyber liability policy in place, it may be time to explore it as it may really make the difference in keeping your business safe should you become the next victim.

Disclaimer: This content is intended for informational purposes only and should not be construed as legal, medical or tax advice. It provides general information and is not intended to encompass all compliance and legal obligations that may be applicable. This information and any questions as to your specific circumstances should be reviewed with your respective legal counsel and/or tax advisor as we do not provide legal or tax advice. Please note that this information may be subject to change based on legislative changes. © 2020 Sequoia Benefits & Insurance Services, LLC. All Rights Reserved

Maria Small – As a Client Service Consultant for Sequoia, she helps provide our clients with property and casualty consulting services to protect their assets, scale in the marketplace, and manage risk. When she is not working, Maria enjoys hiking, trying new restaurants and spending time with her family.