December 10, 2020

Is your business ready for a ransomware attack?

A Bradish case study

It’s a nightmare scenario no business wants to face — your computer system and data are suddenly held hostage by a hacker who used malicious software (malware) to infiltrate your system. It’s called a ransomware attack, and it’s not just a bad dream. Ransomware attacks are happening with greater sophistication and increasing frequency. The good news is that you can take precautions now to avoid an attack or at least minimize the potential damage a hacker may be able to inflict.

Ransomware attacks happen to companies and organizations of all types and sizes. That includes small and medium-sized businesses.

What would you do?

Recently, a Bradish client in the financial services sector* experienced a debilitating ransomware attack. A hacker infiltrated the company’s file server and encrypted its data, locking employees out of critical programs and files. The company faced a short deadline to make a very difficult decision. Should it pay the hacker a $30,000 ransom to unlock its systems and data? Or should it say no, and completely rebuild the server and reconstruct the data? (*circumstances altered for privacy)

As the deadline approached, the company chose to take the hit and rebuild its server instead of yielding to the hacker’s extortion attempt. Many would agree it was the right decision. Hackers often change the rules and demand even more money once the first ransom is paid.

Although the firm lost time and productivity and incurred the expense of paying for specialized information technology (IT) help to remediate the crisis, at least it brought the stressful episode to a close. Fortunately, the company had an insurance policy that paid for some of the forensic investigation and IT rebuilding needed to get back to business.

In some respects, the company got off easy. If the hacker had managed to actually steal the data instead of just locking it down, the company would have been in for even more trouble. For one, the hacker could have threatened to release personal and financial data of clients and employees. And then there would always be the risk that the hacker would later make more demands or even sell the data to other hackers, or identity thieves, for their exploitation.

Face the facts and protect your business

The fact is, if you use the Internet, your company is at risk for a cyberattack. Hackers are constantly on the prowl, searching for vulnerabilities to exploit and extort. From an IT infrastructure security perspective, there are several critically important protective steps any business should take to block a ransomware attack. (Read this article to get started.) Employee training is also critical to keeping hackers at bay. Resources are available through IT professionals as well as insurers.

Another important component of your anti-hacker plan is to equip your company with the right level of insurance to protect your assets. Insurers offer distinct levels of coverage based on what you need. Important considerations include the size of your company (number of employees), the type of company you operate and the variety of systems, programs and data you work with.

Speaking in general terms, if you are concerned about your business’s operational data and processes only, or have limited customer data on file, consider adding coverage to your business owner’s policy or general liability policy. On the other hand, if you collect and store payment information and other financial or personal details on clients, you probably need more coverage. This may mean an independent, comprehensive policy.

How can cyber insurance help?

The field of cyber insurance is growing and changing to adapt to the constantly evolving threats of living and working in cyberspace. Currently, two main categories of business coverage are available: data breach coverage and cyber liability insurance.

Data breach coverage usually encompasses expenses to notify employees and customers whose data have been compromised and the cost of offering credit-monitoring services. Policyholders can often customize coverage to include replacement of income lost while recovering from a ransomware attack. Adding extortion coverage is another option, to cover the ransom amount you paid to gain access to your data if it was held hostage.

Cyber liability insurance is a separate policy, often for businesses that handle larger amounts of client and partner data, such as the private health data of patients in a medical practice or personal and financial data from customers of a financial services organization. The policy usually includes the data breach risks above, but on a larger scale. It will most likely also cover expenses including regulatory fines; legal services required to meet regulatory compliance with government entities; and lawsuits by employees or customers related to privacy and data security.

Policyholders often have access to extra benefits attached to cyber liability insurance and data breach coverage. These could include features such as access to an emergency hotline to assist with data breach response and resources designed to help companies train employees as well as put protective measures in place to secure information systems and data.

The right cybersecurity coverage can make a big difference as to how well your business may recover from a ransomware attack or other online threats. Contact your Bradish agent to discuss the kinds of risks your business faces and get the help you need to activate your most effective level of business cybersecurity.

by Kris A. Mainellis