The Scourge of Ransomware

As the third largest global business risk, per the Insurance Information Institute (III), cyber-crimes have accounted for at least 500 million incidents within the first half of 2016 alone, most likely to see this number increased drastically due to the recent WannaCry malware hack which targeted large corporations and individuals globally.

Without explicit warning, WannaCry searches for and encrypts various file types found on the target computer, after which a ransom note requests payment of US $300 in the form of Bitcoins for the safe return of your files. The note also indicates that ransom will be doubled after three days and deleted after seven days if payment is not received, leaving the original owner of the files in a predicament if the information obtained included sensitive client data.

Targeting nearly 100 countries globally across all industries, this cyber-attack has left a wake of devastation in its trail. This brings into focus the need for cyber insurance for large corporations and small businesses, including private institutions. Through intelligent phishing schemes and the spread of tools such as email and digital databases, hackers tend to target the ‘weakest link’ in the defense, thus it’s highly important to ensure proper staff training to avoid creating a gateway for criminals.

Per Vitali Kremez, Director of Research at Flashpoint, “Businesses need to prioritise cyber security and make sure that it is a C-Suite issue that is taken seriously by all departments and employees across the entire business. The weakest link in the defense is most often what will be exploited by criminals.”

“Since the news broke about the WannaCry ransomware, insurers have been a key source of guidance for corporate clients about what is happening and what to do about it. When insureds are hit by ransomware, insurers can be a key source of guidance in advance of a breach and post-breach inevitably insurers have dealt with ransomware sometimes hundreds of times before and can be guides to taking the appropriate responses and bringing together the appropriate legal, communications and security teams to respond,” according to Symantec.

Although cybercrime is something that will continue to play a vital role in today’s society due to technological advances and the way we do business on a mass digital scale, large corporations and private institutions, as well as private individuals, can still take precautionary methods in order to ensure the safe keep of sensitive client information.

Having effective insight and intelligence about relevant threats, investing in technology and people, providing training for staff on cyber security, and prioritising defense from the most senior staff through to the most junior is essential. Failure to take action will only make your business more vulnerable to compromise.

Above all else, having the proper support in the form of cyber insurance will ensure that you’re covered if your business is targeted by cyber crimes. Since there is no cure if hackers continue to hide in secret corners of the dark web protected by rogue communities, it’s important that proper precautionary measures are taken in order to protect what rightfully belongs to you, your clients, and the wellbeing of your business.