With many more people now working from home, ransomware attacks are on the rise:
- In March 2020, ransomware attacks increased 148% over baseline levels from February 2020.
- Cyberthreats are spiking as online criminals take advantage of the coronavirus to attack remote workforces and corporate systems.
- According to Datto, in 2018, on average, small businesses reported 5+ attacks against clients per year. Experts agree that the risk of small businesses suffering a ransomware attack will only increase in the near future as these targets adopt security solutions more slowly than large enterprises.
What is ransomware, and why should you be concerned?
- “Ransomware is a type of malicious software designed to block access to a computer system or computer files until a sum of money is paid. Most ransomware variants encrypt the files on the affected computer, making them inaccessible, and demand a ransom payment to restore access…”, according to Cybereason.
- Users are told that unless a ransom is paid, access will not be restored. The ransom demanded from individuals varies greatly and must be paid in virtual currency, such as Bitcoin.
- Recovery can be a difficult process that may require the services of a reputable data recovery specialist, and some victims pay to recover their files. However, there is no guarantee that individuals will actually recover their files even if they pay the ransom. In addition, decrypting files does not mean the malware infection itself has been removed.
How is ransomware “delivered”?
- Email that appears to be legitimate and which contains links or downloadable attachments is often the way the ransomware is delivered.
- There are also such things as malicious websites or “drive-by” download attacks where malicious code is unintentionally This can take advantage of an app, operating system or web browser that has security flaws due to unsuccessful updates or lack of updates. The user doesn’t have to actively do anything for the attack to happen.
What does ransomware affect?
- If you find that your personal or business computers are affected with ransomware, it’s wise to assume that any sensitive data was compromised. This includes usernames, passwords, banking and credit card information, client lists and email contacts, and so on.
How can I protect myself?
The Cybersecurity and Infrastructure Security Agency (CISA) recommends the following precautions to protect users against the threat of ransomware:
- Update software and operating systems with the latest patches. Outdated applications and operating systems are the target of most attacks.
- Never click on links or open attachments in unsolicited emails.
- Backup data on a regular basis. Keep it on a separate device and store it offline.
- Follow safe practices when browsing the Internet.
In addition, CISA recommends that organizations:
- Restrict users’ permissions to install and run software applications, and apply the principle of “least privilege” to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through a network.
- Use application whitelisting to allow only approved programs to run on a network.
- Enable strong spam filters to prevent phishing emails from reaching the end users and authenticate inbound email to prevent email spoofing.
- Scan all incoming and outgoing emails to detect threats and filter executable files from reaching end users.
- Configure firewalls to block access to known malicious IP addresses.
Merchants has you covered!
We have a dedicated risk management site available to all policyholders with information on many cyber liability issues. Here you’ll find complete information on cyber liability exposures as well as information on our cyber liability coverage, which provides comprehensive data security and privacy coverage that address both first-party losses, including Cyber Extortion and Ransomware, and third party liability claims, to commercial business owners. With this coverage, you’ll receive expert claims handling and breach response services in the event of a suspected breach, and access to our risk management website. Talk with your independent insurance agent for more information.