Ransomware is a virus on your computer that encrypts data, making it inaccessible for the organization. In a ransomware attack, money (in the form of cryptocurrency) is demanded for the hacker to release the code to decrypt your data and make it accessible. Risk & Insurance provides an overview of ransomware and how organizations can protect themselves from this increasingly common type of attack.
Over the past couple of years, the ransom demand has continued to grow. In 2015, the ransom demand was about $210 USD per user. Today, it is around $2,300 USD per user. This is almost a 1,000% growth rate over 4 years as ransomware continues to evolve and become a more sophisticated type of attack. These costs do not take into account the actual experience of a ransomware case, just the ransomware demand. There would be additional expenses and losses from an incident like this, including those that incur from the legal response, forensic investigation, loss of income from halted business operations, etc.
As ransomware attacks continue to occur, organizations need to consider ways to prevent these attacks from successfully infiltrating their systems. Here are 5 tips to protect your business from a potential ransomware attack:
- Multi-factor authentication: When employees log into a system, they must verify their identity in at least two ways. For example, they log in with a username and password and a verification code is sent to their smartphone.
- Software updates: When software is updated to the newest version, it is less likely ransomware would be able to infect these computers.
- Long and strong passwords: If passwords are longer, stronger and use special characters, it would be less likely for hackers to gain access through compromised credentials.
- Spam filter: Having a spam filter on your email is extremely helpful so the majority of phishing emails never even reach your inbox.
- Train employees: Continual employee training that covers recognizing phishing emails and how to report them is extremely important. User error is a large factor in how many of these attacks occur.
Implementing these security tools and processes are critical first steps in preventing a ransomware attack. Organizations should also consider approaches that would minimize the impact of a ransomware attack if it were successful. For example, continual back-up of data, network segmentation and developing a breach plan if an incident were to occur.
These proactive risk management measures can help organizations prevent and sustain a ransomware attack. It is important to remember there are also risk transfer mechanisms available to create a more robust solution for businesses. Within a cybersecurity insurance policy, there are components of cyber extortion and incident response coverage that are meant to assist organizations when dealing with ransomware events. These aspects of the cybersecurity policy include legal and forensic guidance, along with guidance on whether the organization should pay the demand. Talk to a trusted advisor to ensure the proper risk transfer mechanisms are in place at your organization and to have an advisor review your cybersecurity policy.