What’s your insurance agency’s defense system for preventing ransomware attacks?
Picture this scenario: you log in to your insurance agency’s intranet one morning and learn that all your files have been encrypted and that, to retrieve them, you must pay an exorbitant sum of money in bitcoin to a shady online cyber group. If that sounds like an unlikely scenario, it unfortunately is not. Here are a few statistics:
- Since 2016, over 4,000 ransomware attacks have happened daily in the U.S.
- In 2021, the largest ransomware payout was made by an insurance company at $40 million, setting a world record.
- The average ransom fee requested has increased from $5,000 in 2018 to around $200,000 in 2020.
- The average downtime a company experiences after a ransomware attack is 21 days.
- Malicious emails are up 600% due to COVID-19.
Far too many businesses are complacent, thinking bad actors only target large organizations, but smaller businesses are easier to breach. It can happen to an organization of any size, and it can occur in an instant via a careless mouse click on an expertly spoofed email.
Preventing ransomware attacks at your insurance agency
Ransomware is a type of malware that encrypts your files and, as the name implies, demands ransom. Security firm McAfee offers the following definition:
“Ransomware is malware that employs encryption to hold a victim’s information at ransom. A user or organization’s critical data is encrypted so that they cannot access files, databases, or applications. A ransom is then demanded to provide access. Ransomware is often designed to spread across a network and target database and file servers and can thus quickly paralyze an entire organization.”
In the face of this threat, hardening your insurance agency’s cyber security defenses is mission critical – and has become even more so with so many organizations and employees still working remotely from devices and networks that are less secure than the ones in the workplace. We’ve scoured federal authorities and security experts to compile a list of tips for preventing ransomware attacks through security best practices.
- Employ firewalls, antivirus and anti-malware programs, ad blockers, and email antispam filters. Consider real-time intrusion detection programs.
- Back up your computers daily at minimum. Make multiple backup copies that are stored separately from each other and from the systems they protect. Consider storing one backup on a secure, encrypted cloud service.
- Keep your computer and browsers current with recommended updates and patches. Updates are often designed specifically to enhance security and address emerging threats.
- Consider supplying dedicated work laptops that are securely configured by your IT staff for any employee who works from home or on the road. It’s an investment that may save you millions.
- Establish a policy that only IT-approved software and programs can be installed on work devices. Limit access to unapproved third-party applications.
- Require people to lock computers when away from the desk and to log out of devices at the end of the day. Use locks on mobile devices.
- Teach staff about creating secure passwords. Better yet, require a password manager. See The best password managers in 2021 and Best Small Business Password Managers of 2021.
- Enable two-factor authentication on key accounts when available. See: Two-Factor Authentication: Who Has It and How to Set It Up.
- Don’t log in to important work accounts or financial sites when on a free, public Wi-Fi.
- Train staff on cyber threats, common scams, and best security practices, not once but regularly. Publicize and enforce your security practices to all employees. Bring the topic up at team meetings to emphasize that it is a priority.
- Consider an expert security audit to detect system or network vulnerabilities.
Phishing and social engineering attacks
Human error is the single biggest cyber security attack vector facing every business. Brute force hacks are relatively rare – it’s far more common for a bad actor to breach your system through “social engineering” – tricks that prey on our human fallibility and trustful nature.
Phishing emails are one of the most frequent ways that cyber criminals gain access to your systems. Phishing attacks are cleverly spoofed emails designed to get the recipient to click an unsafe link or to give up personal information. Be alert for phishing spoofs of trusted services that people use every day – their bank, Microsoft, LinkedIn, PayPal, Apple, Facebook, and others. It’s also common for phishing emails to impersonate a senior executive or a manager at an organization, asking employees to open an unsafe document, click a malicious link, or reveal sensitive information. Who’s going to question or say no to a request from the boss? The requested actions often rely on urgency to prompt a quick response. Training should cover the common signs of phishing and should teach people to spot spoofed emails, spoofed URLs, and suspicious domain extensions.
If something seems strange or a little suspicious, it probably is. Preventing ransomware should be a priority, and it’s better to be safe and not sorry. Train your employees that it’s better to double check when there is any doubt. Instead of clicking on a link, visit the site by manually typing the URL. Call to verify the document or download.
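As an added example that is not part of the original article, here is a small Python check that applies those training points to a link the way a mail filter or a staff exercise might: it compares the visible text of a link with where the link really goes, undoes common digit-for-letter swaps used in look-alike domains, and flags unusual domain extensions and urgency wording. The trusted-domain list, the unusual-extension list and the urgency phrases are constructed assumptions that a real deployment would maintain itself.

```python
from urllib.parse import urlparse

# Constructed sample data: legitimate domains for trusted services the article
# names. In practice IT would maintain this list (assumption).
TRUSTED = {"paypal": "paypal.com", "microsoft": "microsoft.com",
           "linkedin": "linkedin.com", "apple": "apple.com", "facebook": "facebook.com"}
# Assumed set of domain extensions this agency never expects from its vendors.
UNUSUAL_TLDS = {"zip", "top", "xyz", "click", "work"}
# Assumed urgency phrases that phishing training tells staff to treat as a red flag.
URGENCY = ("immediately", "within 24 hours", "suspended", "act now", "final notice")
# Digit-for-letter swaps common in look-alike names: 1->l, 0->o, 3->e, 5->s.
SWAPS = str.maketrans("1035", "loes")


def registrable(host):
    """Crude 'owner' domain: the last two labels (no public-suffix list; assumption)."""
    parts = host.lower().split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


def check_link(text, href):
    """Return warnings for one link: visible text vs. real target, look-alikes, odd TLDs."""
    warn = []
    host = (urlparse(href).hostname or "").lower()
    owner = registrable(host)
    for brand, real in TRUSTED.items():
        # Brand named in the visible text, or embedded in the host once digit swaps
        # are undone, while the link is not owned by the brand's real domain.
        if (brand in text.lower() or brand in host.translate(SWAPS)) and owner != real:
            warn.append(f"{brand} look-alike: link really goes to {host}")
    # Visible text that is itself a URL must point where it says it does.
    shown = urlparse(text if "://" in text else "http://" + text).hostname
    if shown and "." in shown and registrable(shown) != owner:
        warn.append(f"shown URL {shown} but real target {host}")
    tld = owner.rsplit(".", 1)[-1]
    if tld in UNUSUAL_TLDS:
        warn.append(f"unusual domain extension .{tld}")
    return warn


def check_email(body, links):
    """links: list of (visible text, href) pairs. Returns all warnings for the message."""
    warn = [w for text, href in links for w in check_link(text, href)]
    hits = [p for p in URGENCY if p in body.lower()]
    if hits:
        warn.append("urgency pressure: " + ", ".join(hits))
    return warn
```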
The right cyber insurance
As an insurance agency, if you are the victim of a ransomware attack, it’s double jeopardy. Even if you are fortunate enough to have an intact backup of your organization’s data, the cyber criminals would still have access to all your client data. Cyber liability insurance is a new and emerging coverage, and much of it simply doesn’t go far enough. What you really need is comprehensive coverage that addresses four primary exposures: cyber liability, property loss, business interruption, and crime coverage for theft and extortion. You also want coverage from an experienced carrier that offers technology loss control and risk management expertise for this dynamic and emerging peril.
Important cyber security resources
- Stop Ransomware – from the US Cybersecurity & Infrastructure Security Agency (CISA)
- FBI Cybercrime – keep current on the latest news, cyber threats, and best practices
- Federal Trade Commission (FTC) Cybersecurity Basics
- All About Ransomware Attacks and Cybersecurity Basics – everything you need to know about cybercrime, from Malwarebytes