Ransomware Attacks are Increasing: Here’s What Businesses Need to Know

Ransomware is a well-known type of malicious software. It restricts access to an infected machine, typically by encrypting files on the hard drive, and then demands payment of a ransom in exchange for the key to decrypt the data. Symantec Corporation, the software company that develops and distributes the Norton product line, calls ransomware “the online form of the bully’s game of keep-away.” Many might remember the WannaCry ransomware attack in May 2017 – a worldwide cyberattack that targeted computers running Microsoft Windows operating systems; over 200,0000 computers across 150 countries. Data was encrypted and random payments were demanded using Bitcoin cryptocurrency. Attacks such as this one served as a major wake-up call for larger companies who have since then implemented better system patching protocols.

Rose & Kiernan, Inc. uses Beazley Breach Response (BBR) Services for a large number of our clients. Recently, Beazley reported an increase in ransomware attacks on businesses in 2018. Over 71 percent of incidents impacted small and medium sized businesses, which they attribute to a few different factors:

  • Larger companies typically have better resources to implement better controls. These controls can prevent ransomware attacks or keep them from spreading.
  • Smaller companies are also “less likely to have properly segmented their backups, resulting in a higher likelihood that they will need to pay the ransom to get back up and running.”

What makes effective response to ransomware challenging are a combination of different forms of ransomware and ransomware’s ability to “stop a business in its tracks.” Due to a lack of resources and protocols, when compared to larger firms, smaller businesses are more vulnerable to ransomware attacks. However, Katherine Keefe, global head of Beazley Breach Response Services, advises businesses of all sizes to have up-to-date training for all IT employees to make sure they implement necessary, important cybersecurity measures and are aware of all risks.

As a business, always remember to maintain and update your security software. Keep your operating system updated, too, and avoid running hardware or software that is obsolete; it no longer has vendor support. Beyond just training your IT employees, provide cybersecurity training to all employees and keep them informed on best practices, security alerts and potential risks. The advice provided can help protect a business from ransomware attacks.

Of course, cybersecurity insurance is important and recommended, as it helps a business recover from a security breach or other cyber event. For more information on Rose & Kiernan’s cybersecurity risk management, please contact us at techrisksolutions@rkinsurance.comClick here to learn more about cybersecurity insurance.

Post a Comment

Your email address will not be published. Required fields are marked *

Related Posts

A New Cybersecurity Threat: Understanding Fileless Non-Malware Attacks

Fileless non-malware tactics are being used to stealthily infiltrate cybersecurity systems and many organizations aren’t equipped to detect or defeat these tactics. We discuss what businesses can do to combat fileless methods of attack and protect cyber assets.

Read More

cloud-based email compromises
Cloud-Based Email Compromises are Increasing: Here’s What Businesses Need to Know

Recent reports show an increase in cloud-based email compromises. Here are some recommendations and best practices for businesses to improve their cybersecurity.

Read More

How the Equifax Data Breach Effects Small Business Owners

While most assume Equifax’s massive data breach is solely an issue for consumers, it’s important to consider that many small businesses’ credit activity is under the names of business owners. Businesses that use personal credit cards and/or maintain debt in the name of an individual are also at risk for cybersecurity and identity theft attacks.

Read More