Just released: How to raise venture capital in 2023

Download

Rise of Ransomware: How to Protect Your Business

TL:DR

Key Takeaways

Matt McKenna Scale Underwriting
Matt McKenna

Underwriting Manager

Ransomware is all over the news. From the Pipeline attack to a slew of other threats, this cybersecurity issue isn’t going away anytime soon. The past year has only exacerbated this particular problem. Let’s review the details of these attacks and what your business can do to protect itself.

Ransomware Background

For starters, what is ransomware? Sure, everyone’s talking about ransomware, but what exactly is it? Ransomware is a form of malicious software that encrypts the target’s files, making the target unable to access their data. A ransomware attacker will demand a fee to target the decryption key to re-access their software. Typically, the fee demand is in bitcoin and can range from hundreds to thousands to hundreds of thousands.

Phishing

So, how do these attacks happen? The most common way a ransomware attack occurs is through phishing. Phishing is the process by which the attacker will include a malicious link in an email that seemingly comes from a trustworthy source. Once the link is clicked, the malicious software is downloaded to the target’s computer.

In some ransomware attacks, the attacker may claim to be a law enforcement agency or the company’s own IT department, saying it has to shut down and update the target’s software. The attacker is then given full access by the target and can begin the ransomware attack by encrypting the target’s files.

Social Engineering

Social engineering is so popular that it’s a part of almost all ransomware attacks. It occurs when an attacker manipulates their target into clicking a malicious link, downloading malicious software, etc.

Social engineering often happens in conjunction with a phishing attack. Someone is pretending to be a trusted source (e.g., CEO or CFO of a company) and asks the target to upload software to their computer for safety measures. The target trusts that the email is from someone they know, and they comply with the directions resulting in the start of a ransomware attack.

Another form of a social engineering attack is baiting. For example, someone you know sends you a link to download music from a band you’re interested in. Once the “music” is downloaded, the malicious software is immediately installed, leaving your system exposed.

High Profile Ransomware Attacks

Here are a handful of the most famous ransomware attacks that occurred recently.

Colonial Pipeline

One of the most recent, high-profile ransomware attacks was on Colonial Pipeline, a major fuel pipeline that supplies the east coast. As a precaution, the company took the pipeline offline and said the attack didn’t interfere with the systems operating the pipeline. The result of this shutdown could be increased gas prices along the East Coast, showing how impactful these attacks can be.

City of Baltimore

In May of 2019, Baltimore, MD, had its servers compromised by a ransomware attack. The attackers demanded payment in bitcoin (13 bitcoin, equal to roughly $76K). The city was susceptible to a ransomware attack because of the lack of controls that it had in place. As a result of the attack, the city had to reallocate $6M for additional information technology security and infrastructure.

Microsoft Exchange Attack

In January  of this year, a series of attacks crippled Microsoft’s exchange servers. This attack gave the attackers access to user emails, passwords, admin privileges, etc. It’s estimated that the attack impacted as many as 250,000 servers.

Microsoft acted quickly and released a series of updates in March meant to patch the security exploit identified by the attackers. However, Microsoft found another round of ransomware later in March, which required yet another series of patches. This attack cost Microsoft millions in addition to irreparable harm done to its brand.

Small Business Example

Larger companies get the majority of the headlines when they suffer ransomware attacks. However, almost 50% of small businesses have experienced a ransomware attack. That said, hackers often target small businesses due to the lack of internal controls and security procedures. Additionally, most small businesses are more likely to pay a ransom to get their systems up and running again. Remember, downtime is critical to a small business’s bottom line.

Unfortunately, a ransomware attack can cost a small business as little as $10K up to the hundreds of thousands. For example, a small start-up company in Europe sold high-end products online. Their IT security controls didn’t go beyond what came with their systems — just the basics.

One day, an employee errantly opened a PDF that seemed to be from someone internal. The PDF downloaded the malicious software, and the company was locked out of all of its systems. They later received an email stating that they would get their data back if they paid 15K in cryptocurrency.

The hackers kept threatening the company by repeatedly sending email demands. The company ultimately didn’t pay the hackers; however, they lost just as much if not more money than the ransom. Consider the cost of their systems being down and the cost of the workforce to increase their internal controls.

How Can Businesses Protect Themselves?

With the increase in ransomware attacks, it only makes sense to find ways to protect your organization. Here are a few risk management ideas.

Cybersecurity

Cybersecurity is crucial to protecting your business from a ransomware attack. This approach includes the protection of your information, data, hardware, and software from cyber threats. Cybersecurity also involves data security, operational security, physical security, as well as your business’ disaster recovery and business continuity plan.

Internal Processes and Procedures

Given the rise of ransomware attacks, internal processes and procedures are now more critical than ever. Most cyber insurance carriers ask for a supplemental ransomware application before they provide a quote for cyber insurance.

These applications ask specific questions about internal controls such as multi-factor authentication, off-site data backups, firewalls in place, encryption, etc. These internal controls limit a company’s exposure to ransomware, thus making the cyber carrier more comfortable taking on the risk.

Risk Assessments

If you’re wondering if your company could be susceptible to a ransomware attack, executing a cyber risk assessment of your systems will help give you the answer. A cyber risk assessment can help you identify and prioritize risk to your operation and risks resulting from the use of your information systems.

Furthermore, a cyber risk assessment will help your organization’s leaders make critical, informed decisions about the security in place and the need to add additional measures. The evaluation can help you decide the impact of a ransomware attack on your organization and what current systems are most vulnerable to such an attack.

Does Insurance Cover Ransomware Attacks?

In a word, Yes! Ransomware (most commonly seen as “extortion” on cyber liability insurance policies) is covered by our preferred cyber carriers. In almost all cases, ransomware is covered up to the total limit of the cyber policy.

Understanding the details of what coverage your company needs can be a confusing process. Founder Shield specializes in knowing the risks your industry faces to make sure you have adequate protection. Feel free to reach out to us, and we’ll walk you through the process of finding the right policy for you.


Want to know more about cyber insurance? Talk to us! Please contact us at info@foundershield.com or create an account here to get started on a quote.

Related Articles

data breach 2024
October 1 • Cyber Liability

Top 10 Cyber Security Data Breaches of 2024

Cybersecurity under attack in 2024! Discover the top 10 data breaches that rocked the world. Learn how major companies fell victim to cybercriminals. Understand the risks and take action to protect your business from cyber threats.

supply chain disruptions
August 27 • Cyber Liability

Cyber Attacks & Supply Chain Disruptions: Startup’s Worst Enemy?

Explore the evolving threat landscape for supply chain disruptions, mitigation strategies, and the importance of risk management in today’s volatile business environment.

cyber insurance pricing trends 2024
March 13 • Cyber Liability

Cyber Insurance Pricing Trends 2024

Uncertain about cyber insurance costs in 2024? Our article explores pricing trends, expert predictions on rate increases, and strategies to potentially reduce your cyber insurance premium.

cyber liability insurance premiums
March 4 • Cyber Liability

7 “Must Haves” For Cyber Liability Insurance in 2024

With cyber liability insurance premiums rising, business leaders must have the inside scoop to keep costs low. Our partners at Blacksmith InfoSec delve into those tips and tricks.

Cybersecurity Data Breaches
November 9 • Cyber Liability

Top 10 Cybersecurity Data Breaches of 2023

Today’s digital landscape is frightening for business leaders. Here’s a glimpse into some of the most cringe-worthy data breaches in 2023 — plus, how to avoid them.

Cyber Insurance Pricing Trends
July 19 • Cyber Liability

Cyber Insurance Pricing Trends 2023

After a hard-hit 2022, let’s explore the lessons learned, what currently impacts the cyber market, and cyber insurance pricing trends to expect in the future.