Ransomware prevention and awareness

Findings from an analysis of 2017 cyber claims data revealed that negligence was the most common cause of loss for the healthcare industry and a hacking attack the most common for non-healthcare organizations. However, ransomware was the second most common cause of loss for all industries.

Ransomware is a cyber-related threat with a monetary demand. The threat is typically to divulge or destroy information, to insert malicious code into a computer system, or to damage, destroy or prevent access to a computer system. According to the report, “2018 Cyber Claims Digest,” by NAS Insurance, there was a 152 percent increase in ransomware as a cause of loss in the healthcare industry between 2016 and 2017.

It’s important to understand that no business or industry will be immune to a cyber attack, as all signs point to an increase in attacks and more sophisticated threats. James Lewis, senior vice president at the Center for Strategic and International Studies agrees. “One emerging trend is ransomware worms, which work their way through networks to lock out many more computers than just the initial target. New ransomware attacks are expected to gain exfiltration capabilities, stealing target files and locking the user out at the same time.”

​Because anyone can become a target, prevention and awareness are most important in managing cyber risk. Norton offers these do’s and don’ts when it comes to ransomware:

• Do not pay the ransom. It only encourages and funds these attackers. Even if paid, you still may not be able to regain access to your files.
• Restore any impacted files from a known good backup. Restoration of your files from a backup is the fastest way to restore access to your data.
• Do not provide personal information when answering an email, unsolicited phone call, text message or instant message. Phishers will try to trick employees into installing malware or gain intelligence for attacks by claiming to be from IT. Contact your IT department if you or your coworkers receive suspicious calls.
• Maintaining a secure firewall and keeping your security software up to date are critical. It’s crucial to use antivirus software from a reputable company.
• Inbound emails should be scanned for known threats and should block any attachment types that could pose a threat.
• Do make sure all systems and software are up-to-date with relevant patches. Exploit kits hosted on compromised websites are commonly used to spread malware. Regular patching of vulnerable software is necessary to help prevent infection.
• If traveling, alert your IT department beforehand, especially if you’re going to be using public wireless Internet. Make sure you use a trustworthy Virtual Private Network (VPN) when accessing public Wi-Fi.

According to the Bitdefender, one in six spam email messages comes bundled with some form of ransomware. Further, ransomware is specifically being aimed at companies.  Cyber insurance can help.  Contact Molyneaux to learn more.
 
Sources:
https://us.norton.com/internetsecurity-malware-7-tips-to-prevent-ransomware.html
https://nasinsurance.com/wp-content/uploads/2018/08/2018-NAS-Cyber-Claims-Digest-FINAL.pdf
“The true cost of a ransomware attack,”Business Insurance
“The global threat landscape report – 2017,” Bitdefender