Ransomware Attacks Continue: How Can Businesses Protect Themselves?

A recent alert from the FBI and the Cybersecurity Infrastructure and Security Administration (CISA) warned against advanced persistent threat (APT) actors actively scanning devices for certain critical vulnerabilities. These include Fortinet FortiOS SSL VPN devices that can be exploited to allow attackers to gain a foothold in your company’s network, launch ransomware, or steal your data. Businesses can protect themselves by patching these vulnerabilities.

This alert is immediate, and the FBIA and CISA note that further exploitation by criminal threat actors is likely to follow. They provide a list of recommended mitigations that organizations should take.

The trend of more frequent ransomware attacks has continued and presents a problem for businesses that will not go away. In fact, early last year, we wrote about how ransomware attacks have grown increasingly complex. Leaders Edge reports that ransomware has been successful for two reasons:

  1. Businesses have not developed and tested backup and recovery plans that enable them to fully restore systems encrypted by ransomware
  2. Businesses have not encrypted their data at rest

In completing these two steps, a business will have full backup and restoration capabilities and the ability to restore its systems, sending the cybercriminal elsewhere. However, businesses have chosen not to put together a backup and recovery plan and encryption because it can be difficult to do and could be expensive.

Right now, it is imperative that businesses start to invest in backup and recovery capabilities and work on encrypting data at rest. Underwriters for cyber liability insurance policies are looking more and more at what the preventative measures the organization is doing to protect against cyberattacks.

Cybersecurity insurance continues to be important and recommended, as it helps a business recover from a ransomware attack, security breach or other cyber event. The team at Rose & Kiernan, Inc. is here to go over the issues discussed in this blog post.

For more information on Rose & Kiernan’s cybersecurity risk management, please contact us at techrisksolutions@rkinsurance.comClick here to learn more about cybersecurity insurance.

Post a Comment

Your email address will not be published. Required fields are marked *

Related Posts

cloud-based email compromises
A Rise in Cyber Crime and Cyber Insurance Rates Highlight the Need for Improved Incident Response

We saw a rise in cybercrime in 2020, and as a result, cyber insurance rates increased, too. All of this points to a need for organizations to address incident response.

Read More

A Summary of the Q4 2020 Council of Insurance Agents & Brokers CIAB Survey

The Council of Insurance Agents & Brokers (CIAB) Q4 2020 Commercial P/C Market Survey was recently released. This survey is a source for brokers and consumers alike interested in market trends.

Read More

rk blog - ransomware attack
What the Severity in Ransomware Attacks Means for Business Owners

Beazley recently reported that ransomware attacks have grown increasingly complex. Businesses should take some prevention steps for proactive risk mitigation, plus consider cyber liability insurance, if they haven’t already.

Read More