Ransomware is by far and away the fastest growing attack method in cybercrime. It’s a trend that has only continued in 2019, with a serious uptick in the number of ransomware incidents and insurance claims in just the last couple of months.Robert H. Rosenzweig is VP and national cyber risk practice leader at Risk Strategies. As the volume and efficacy of attacks continue on an
upward trajectory, another trend has emerged: more and more victims are paying
the ransom.Evolution of ransomware
Among the emerging advancements in ransomware is the use
of command-and-control bots, used to not only encrypt data, but also navigate
through computer systems, steal credentials and gain access to system
administrator accounts. This complex malware gets hackers into the production
environment as well as the backup system to deploy the ransomware encryption.
With today’s malware, there’s no longer a perfect mitigating control.Timing is critical Ransoms
are insurable under cyber policies, as are other costs associated with an
attack, such as forensic investigative expenses, remediation costs and business
interruption losses. How your cyber policy is written can have a big impact on
the outcome and timing is a critical consideration.While a cyber policy may cover the ransom, there can be
some delays in paying out the demand. The longer the delay, the greater the
costs.Additionally, most cybercriminals demand payment in
cryptocurrency such as bitcoin. However, most insurance carriers don’t have
easy access to cryptocurrency. Some cyber insurers have vendors on retainer who
can access bitcoin quickly. This is important because if a network is down two
or three days and part of the delay is waiting to get approval and bitcoin
payment from the insurance company, it can create reputational damage.Steps to mitigate damagesWhile
there’s not much in the way of technology or risk management that can be done
to effectively eliminate the risk of a ransomware attack, there are a few
things you can do to mitigate damages:• Check
your policy. There’s value in working with your insurance broker to
make sure your policy is well-crafted and that ransom demands will be approved
and paid expeditiously.• Employee
training. In the majority of cases, bad actors are able to gain
access to a system and deploy ransomware because of human error. An employee
clicks a link, opens an attachment, downloads a file, or unwittingly gives away
credentials. Train your workforce so that they’re able to spot red flags.• Have
a post-attack plan. Make sure you have a business continuity plan
and an awareness around what key systems are needed to keep your business
up-and-running so you can continue to serve your customers.
An In-Depth Guide to Ransomware
Get essential knowledge and practical strategies to protect your organization from ransomware attacks.
Cybernews reports that Caritas Internationalis, the Catholic Church's official charity organization, had at least 17 websites of its Spanish arm compromised as part of a web skimmer campaign that commenced in February 2024.
Israel subjected to persistent targeting by Iranian hackers The Hacker News reports that Iran-linked threat operations have continued launching malware attacks against Israel last year.
Security researchers have detailed the evolving tactics of the Russian-affiliated threat group Gamaredon, particularly its use of the PteroLNK variant within the Pterodo malware family, GBHackers reports.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
