May 2017 found many organizations scrambling to neutralize the latest ransomware threat: a cryptoworm named WannaCry. Large portions of the National Health Service in the UK, FedEx, and many other companies were affected, unable to provide services to their clients and customers, as their computers systems were on lockdown. Data on their servers was being held for ransom.
WannaCry spread quickly. It was estimated that 230,000 computers were infected in just the first 24 hours after it was released, crippling businesses all over the world. How is ransomware like this spread, and what can you do to protect your business?
How Is It Spread?
WannaCry and other ransomware viruses are spread via email. The email contains a harmless looking link that, when clicked, can take down an entire network. Data on the network is then held hostage by the WannaCry hackers until a specified sum of money (usually in bitcoin) is paid for release.
You can keep your company from becoming a victim of this ransomware by learning (and teaching your staff) to recognize fraudulent emails. Signs of suspicious email include:
- You do not recognize the sender.
- You know the sender, but the message doesn’t look like something this person would send.
- The subject and/or attachment name is vague or confusing.
- The email contains spelling or grammar errors, or random capitalization of words.
- Many people within your organization are cc’ed on the same message.
- You were not expecting the message or it is not related to business.
Such suspicious emails should be deleted unopened if at all possible. If opened, do not click links that appear unusual, or are from unknown sources.
What Else Can You Do?
This virus and others like it take advantage of vulnerabilities in Windows products. At particular risk are networks running older operating systems like Windows 7. As word of the virus began to spread, Microsoft did release an update patch to shore up the vulnerability, but many companies that were infected after the patch was released simply hadn’t done the update yet.
Check with your network administrator. How up to date are you on system updates? What protocols are being used to protect your network? Is there newer technology out there to make your network more secure?
All desktop and laptop systems should have the latest updates of virus and malware scans, and should be set to automatically update these systems. Disable file and print sharing on everything except your file server. Individual systems don’t need it, and in the case of laptops, it can make your data more vulnerable in offsite situations.
Now is the time to institute offsite backup of important information, especially client data. In the case of ransomware, data on the company network is taken hostage, but offsite data backups would be secure and system restore made easier.
Insurance Can Help
While your standard business insurance policies are not designed to cover hacks and data breaches such as ransomware, you can get this coverage elsewhere. Cyber Liability Insurance should be a mandatory part of your insurance portfolio if you use computer networks, connect to the internet, and/or store client data.
Cyber Liability Insurance policies are typically written on a manuscript format and can be tailored to suit your business needs. Policies can be written that would pay the ransom in the event of a ransomware attack, as well as the costs associated with system restoration.
In addition, Cyber Liability policies cover customer notification costs, financial losses to customers, and lost revenue to your business. A risk management analysis with Hayes Brokers can help you determine which cyber insurance coverage is right for your business.