Electronic vandalism is on the rise and creates significant challenges for business owners. The great news is there are steps you can take to protect yourself. While our focus here is on a ransomware attack, bad actors do target businesses using a variety of other scams. Previously, David Princeton co-authored an article for Wisconsin Lawyer Magazine that can be found here.
Let’s start with how the ransomware attack works. First, bad actors spend their day sending infected email attachments and links. The attachments and links come from email addresses that appear authentic, so in a rush it is easy to click. When an employee opens the attachment the virus spreads through the network and encrypts the data. Then, because the backup copies the encrypted data and writes over the prior day’s backup, the backup becomes compromised. At this point options are limited to data re-creation or paying the ransom. Tragically, even paying the ransom may not get all of the data back. So, how can you protect yourself?
First, enact proactive strategies. Employers should phish test employees. So called “White hat” firms send realistic, but fake phishing emails to test employees computing practices. This practice raises awareness about the various forms a phishing attack can take. It also gives leadership meaningful baseline metrics so it can work with employees to improve security behaviors. Additionally, ensuring anti-virus software is up to date and adding a hard drive backup can provide even more protection.
Second, review your insurance coverage before a loss happens. Electronic vandalism insurance is a relatively new product, and many variations exist. Businesses should work carefully with their brokers to get appropriate coverage. Policies can come with inadequate policy limits or exclude risks you intended to insure against. For example, a $10,000 policy limit maybe inadequate to cover the ransom demand, loss of income, forensic computer experts, and employee overtime. In sum, employers should proactively assess their vulnerabilities and risk tolerance, and get appropriate insurance coverage to meet their needs.
Finally, even if a ransomware virus infects your computer, you can mitigate the damage by taking immediate action. Upon discovering the virus, unplug external hard drives and remove the infected computer from the network. This could stop the virus from encrypting other hard drive files or from spreading to other computers on the network. Next, contact a computer expert who can take additional steps to mitigate the interruption.
As Benjamin Franklin once said, “An ounce of prevention equals a pound of a cure.” Ransomware can be disruptive and expensive, making it important to take the proactive steps today, that will reduce your risk tomorrow.
Kevin Galezewski, AIC, is a senior consultant at Advocate Claim Service where he applies his expertise from more than a decade in the property and casualty insurance industry. Kevin previously served as a subrogation professional, arbiter, and electronic vandalism lead. Currently, Kevin attends Marquette University Law School and is an active member of the Alternative Dispute Resolution and Real Estate Law Societies.
Advocate Claim Service takes the anxiety out of claims. We are licensed insurance professionals with significant insurance claims experience across a wide array of coverage lines who can bring clarity to any insurance program. We also conduct proactive insurance program diligence reviews.
Want to have your question, comment, or concern addressed in an article or arrange a private conversation? Send inquiries to: info@advocateclaimservice.com