Ransomware attacks increased by over 250% during the first few months of 2017, according to a recent report by the security firm Kaspersky. In its report, Kaspersky warned of a ransomware epidemic in the wake of the WannaCry cyberattack.
In May, this attack affected 200,000 Windows computers in more than 150 countries, including China, Japan, South Korea, Germany, Britain and the United States. The attackers used a variant named WanaCryptor 2.0 commonly known as “WannaCry.” The variant used an exploit found in Microsoft Windows operating system software to infect machines and carry out its attack.
Ransomware is malicious software that takes control of your computer’s data files and holds them for ransom. The software can control the data files by encrypting them and preventing access without the proper decryption key. This key is typically only supplied once you pay the ransom amount which is often requested via bitcoin.
More often than not, employers do not realize they have become a victim until users start to complain about an inability to access their documents and information. When this occurs, IT support typically finds the extensions of necessary files renamed with the ransomware variant. For example, WannaCry would rename file extensions to “.WNCRY.”
The rise in cybercriminals’ usage of ransomware is linked to the increased popularity of bitcoin. The bitcoin services are pseudonymous, meaning there is no name or person associated with the bitcoin account and ownership is established using a bitcoin address. This makes it difficult, if not impossible, to identify the account holders, creating the perfect currency for cybercriminals.
The relatively small ransom amounts demanded are by design — the malware designers aim to infect as many computers as possible, and to be paid as quickly as possible. By keeping ransoms to a few hundred or a few thousand dollars, they hope victims will pay quickly rather than give up access to their files for days or weeks while in pursuit of an anti-ransomware tool.
Some experts recommend that you should not pay the ransomware if you’ve been hacked. Even if there is a way to determine if you’ve paid the ransom, there is no guarantee that the hackers will return the files to you unharmed, if returned at all. Experts also recommend you take the following precautions:
Ransomware attacks fall under your cyber insurance policy's "cyber extortion" coverage and is generally considered to be "first-party" coverage. A policy with only third-party coverage would likely leave a company uninsured when they are the victims of a ransomware attack. However, once you're aware of these gaps in your policy, you can take action to fill them. Most cyber insurance policies are highly customizable, allowing your company to create a coverage solution that best fits your specific risks.
Associated Benefits and Risk Consulting will continue to monitor the risks associated with ransomware and offer best practices for keeping your company safe. Contact us if you have any further questions regarding how you can avoid disruptive business interruptions from cyber attacks.
Jake Omann specializes in providing clients with risk management and executive risk services that cover their liabilities as a corporation, as well as the personal liabilities of their directors and officers. He started his career over 10 years ago in sales at a multinational financial services co
Jake Omann specializes in providing clients with risk management and executive risk services that cover their liabilities as a corporation, as well as the personal liabilities of their directors and officers. He started his career over 10 years ago in sales at a multinational financial services corporation before beginning his broker career in managing executive risk programs for Fortune 500 companies. Jake currently sits on the board for ACES for Kids.
The world is different than it once was. It used to be that you needed a 30-foot phone cord to take the phone into another room just so you could have a little privacy, and that when you left work, you really left work, since there wasn’t any way to login remotely.
Nowadays, technological advances have made us truly mobile by enabling us to stay connected 24/7/365. While the workplace impact of 24/7 connectivity has meant that employee productivity has been on the rise, along with it comes challenges that couldn’t have been imagined even 15 years ago.
With massive data breaches at organizations such as Target, Dairy Queen, and JPMorgan, businesses are becoming more aware of the threat of hackers and external threats to their data. And while it’s important to protect yourself from such exposures, history has shown that the real enemy lies within our own companies. Don’t believe it?
Send a Message
Find a Location