Everything Businesses Should Know About Ransomware

Ransomware is one of the most serious cyber security issues globally, and has huge potential to cause significant damage for businesses. It’s crucial for business owners to understand ransomware and the associated risks in order to protect their companies and seek the appropriate insurance coverage.

What is ransomware?

Ransomware is a form of malware, or malicious software, that blocks access to the user’s data or threatens to publish the data if a ransom is not met.

In the early days of ransomware, simple cryptography was used to change file names, making it relatively easy to survive and resolve. Modern ransomware is a much more complex problem, using advanced encryption, including a technique called crypto-viral extortion. Hackers encrypt user data and demand a ransom in exchange for the encryption key, but oftentimes the key is not provided.

Initially ransomware was targeted more at regular internet users, but as techniques advanced, businesses and high profile corporations became victims as well. In 2018, the number of ransomware attacks amounted to an astounding 204 million worldwide, indicating a serious problem.

The difference between ransomware and other malware

Malware is defined as any program that is designed to damage or hack a device. Ransomware is categorized as malware, but is a serious threat due to its ability to restrict access to user data.

Common types of malware

Viruses

Viruses can damage computers and other devices by corrupting data and reformatting your hard drive. Hackers frequently use viruses to steal information and money from their victims. Viruses are a little easier to stay safe from as they require action on the user’s part to infect their system.

Worms

Worms are a common type of malware that exploit the vulnerabilities in your operating system and consequently spread over networks. Worms can replicate themselves without any action from a user and cause extensive damage to damage systems.

Trojan horse

Have you ever been tricked into downloading a harmless file or program that seemed legitimate? Trojan horses are downloaded by unsuspecting users and give the cyber attacker power to steal data, monitor files, install more malware, and cause other kinds of damage.

Spyware

Another common type of malware is spyware, which can be downloaded on your computer without your knowledge and tracks your activity. It can collect sensitive information through keystroke monitoring.

The Impact of Ransomware

Businesses face immense risks when it comes to ransomware attacks, including lost company and customer data. A ransomware attack can cost a company hundreds of thousands of dollars and a damaged reputation.

Most common causes of ransomware attacks (percentage of respondents):

1. Spam/phishing emails - 67%
2. Lack of cybersecurity training - 36%
3. Weak passwords - 30%
4. Poor user practices - 25%
5. Malicious websites - 16%
6. Report clickbait - 16%

Don’t overlook a valuable risk management analysis to assess your business for any of these vulnerabilities. A strong cybersecurity training program can help reduce the risk of ransomware attacks on your company.

Ransomware was the second leading cause of cyber liability insurance claims made by small and medium-sized enterprises in North America between 2014-2018. It’s a serious threat that can completely destroy a business without the proper precautions being taken.

How to protect your business against ransomware losses

Cyber liability insurance may have once seemed like a luxury, but is now more of a necessity as cyber attacks continue to assault businesses.

A company can never be completely secure, but it can be resilient and prepared for the worst. Cyber liability insurance is a key defense in providing resources for companies that are hit by a ransomware attack.

Standard commercial policies do not cover cyber attacks unless specifically outlined, so don’t get overly comfortable with your normal level of business protection.

Fortunately, the number of organizations that purchase cyber liability insurance has steadily increased over the years, from just 35% in 2011 to 75% in 2018, reducing susceptibility to financial losses.

What does cyber liability insurance cover?

Business cyber liability insurance protects against the following events:

• Business interruption due to cyber attack
• Data loss and corruption
• Identity theft
• Cyber extortion
• Recovery of business reputation
• Other types of liability

Ultimately, cyber liability insurance will greatly diminish the risk of damages caused by a ransomware or other malware attack. While you can take extra measures to protect against such an event, an added level of protection will prove most beneficial.

Contact your local independent insurance agent today to learn more about why you should carry cyber liability insurance.