Ransomware encrypts computer files and is used by hackers who then demand money in exchange for freeing the content. It is becoming a huge problem globally. The costs of unlocking data varies; with individuals typically paying a few hundred dollars to thousands of dollars for businesses.
There's plenty of attention paid when a company like Target or Home Depot gets hacked. These major cyber breaches attract extensive media coverage, often creating the illusion that it's only big businesses that are at risk of an attack. But that's far from the case.
For those who are under the impression that hackers only bother with big companies, one report studied "everyday" breaches. Of the breach events studied, 90% of the organizations that experienced breaches were small and medium sized. With a median event cost of $18,000 and an average down time of 78 days these are numbers that simply can't be ignored. This speaks to the importance for firms to have cyber insurance and computer systems security and recovery protocols in place. For more information on Cyber Breach Claims Corax and the law firm Clyde & Co have collaborated to produce a joint white paper.
The FBI has issued warnings saying that the number of ransomware attacks continues to grow rapidly with the FBI receiving thousands of complaints annually. The prevalence of ransomware was the second most common breach event type.
There are new ransomware variants being written all the time and ransomware writers take the time to dissect and understand how this new technology operates, creating versions that attempt to either bypass detection, or at the very least search more effectively for likely sensitive files, before encrypting them, with the hope of having the biggest impact on securing a ransom payment.
There are now over 120 separate families of ransomware. Other researchers have seen a 3,500% increase in the criminal use of net infrastructure that helps run ransomware campaigns. That rise is driven by the money thieves make with ransomware and the increase in kits that help them snare victims.
The rise is also blamed on the appearance of freely available source code for ransomware and the debut of online services that let amateurs cash in. Ransomware is easy to use, low risk and offers a high reward. The return on investment is very high.
The spread of ransomware was also being aided by tricks cyber-thieves used to avoid being detected by security software. Traditional anti-virus software is not effective in dealing with these types of attacks. Cyber gangs behind the most prevalent ransomware campaigns have gotten very good at hiding their malicious code. Ransomware also reaches victims via spear-phishing campaigns or booby-trapped advertisements.
If a ransomware attack happens to your firm, do you have the proper insurance coverage? For most firms being without your computer systems for 78 days may put the firm out of business. The chances that the firm will recover diminish each day that the firm’s systems are down. A good cyber policy will also provide an expert support team to help the firm get its systems back as soon as possible.
Typically your accountant or lawyer malpractice insurance will not cover such claims unless it results in a malpractice or disciplinary issue. Even if it covers the 3rd party malpractice claim there is no coverage for the experts needed to help restore your systems. Your business owner’s policy likely will not provide coverage unless endorsed. Cyber Insurance many times is the best alternative for covering these types of risks. L Squared represents a number of Cyber Liability Insurance carriers that specialize in insuring professionals.