The Ferguson Insurance Team - Insurance in Charleston, SC


Cyber Insurance for 2022

With a new year come new challenges for cyber security, and your business needs to be prepared to face those challenges.

Last year, we saw more ransomware attacks than ever before, and an increasing number of those were targeted at small to medium-sized businesses. The big attacks on JBS Foods, the NBA, and the Colonial Pipeline made the news, but the reality is that far more attacks are made against local businesses just like yours for one simple reason: attackers see them as more vulnerable.

Think about it, do you have a dedicated cyber security team, or even a single employee whose primary role is cyber defense? Small businesses rarely have the budget for an in-house defensive team ready to both stop threats and respond to incidents in real time. To the countless cyber criminals around the world who are looking for opportunities to extort what they see as easy money, many small businesses would be tantalizing targets.

What is Ransomware?

As a quick refresher, a ransomware attack is where a cybercriminal or group of criminals gains unauthorized access to your systems, installs malware on them that allows them to encrypt your data, and then displays a message on these systems explaining that to get your systems back, you will have to pay them a ransom, probably in cryptocurrency. As an added threat, if they have stolen any personal information like client records or banking information, they will threaten to release this information to the dark web where anyone can then use it to commit further crimes, like fraud, harassment, and identity theft. How much will they demand in ransom? It varies, but as of 2021, the average ransom payment was $570,000, which is an 82% increase from 2020, and unfortunately, the trend is only going up. Even the lower end of ransom demands in 2021 ranged from $10,000 to $50,000.

If you opened your computer today to find one of these extortion messages on your screen, who would you call first? How would you keep your business running, your employees paid, and your clients served? If you don’t know the answer, then keep reading.

“Before anything else, preparation is the key to success.” - Alexander Graham Bell, Inventor of the telephone

In the fight against cybercriminals, preparation is the best defense. Many home security experts recommend making your house as inconvenient to break into as possible, so that criminals will just pick a different target. Steps as simple as leaving a TV or radio on, having a car parked in the driveway, and the simplest of all, locking the door, are known to reduce the probability of a break-in. The same is true for your cyber security. There are some simple steps you can take that will greatly strengthen your defenses, making your business a harder target.

Cyber Security Tips:

  1. Turn on Multi-Factor Authentication. Multi-Factor Authentication, or MFA, is an added layer of security when logging into devices and accounts. In addition to a password, you will also need another method of verification. This usually takes the form of a code being sent to your phone, or being generated by an app, like Microsoft or Google’s Authenticator (both companies have apps by the same name), which generates a new six-digit code every 30 seconds.

    This way even if a hacker gets your username and password, they won’t have the code. This will stop most attacks dead in their tracks. Can it be a bit of a headache to turn this on and have an additional step when logging in? Sure. But it’s a minor inconvenience in exchange for a massive security gain. If you don’t know how to turn on MFA, we’ve included links at the bottom with more information.

  2. Use a Password Manager. Using a password manager has several benefits, not the least of which is simple convenience. How many times do you forget a password and have to reset it? With a password manager, you only have to remember one. The rest are stored (encrypted, of course) in the manager so that you can breeze through all those login screens. The added benefit of a password manager is that there is no reason to reuse passwords. Password reuse between different logins is a major security no-no, and one we’ve probably all been guilty of at some point. The reason this is such a risk is that if one username and password is compromised, any other account that password was also used for can also be at risk.

    Let’s say you have an account at an online retailer (we won’t name any names, but several major ones you’ve definitely shopped at have been breached in recent years, resulting in leaked passwords) and they get hacked. All the usernames and passwords for that company end up getting shared to the dark web as databases that hackers can quickly try when attempting to guess usernames and passwords to other services. If you reused that password for your email, and a hacker is trying to break in, they stand a good chance of getting in by just using the leaked list. With a password manager, you can have a unique password for every single service, and let the program generate a new one every time. These passwords are random strings of letters, numbers and symbols, virtually impossible to guess.

  3. Look out for phishing. Over 90% of successful hacks begin with a phishing attack. The reason? It’s the easiest way to attack. It requires next to no technical know-how, and relies on fooling the person behind the computer instead of exploiting a software vulnerability. You’ve most certainly received a phishing email before, but it is always good to be reminded what to watch out for. Look out for misspellings, poor grammar, or awkward phrasing that doesn’t seem quite right. Also, take note of any language asking you to act right now. A tone of urgency should actually trigger you to slow down a moment and think about the email. Hackers want you to act now and think later, when it’s too late.

    Also, be on the lookout for an email claiming to be from a company you have an account with asking you to verify account information. This is 100% a scam and a blatant attempt to steal your login information. Hackers will also disguise malware as other types of files, so carefully scrutinize attachments to emails, and links within the email. If you receive a file unsolicited, think twice about it. It may look like it is from someone you trust. You can always pick up the phone and call that person, or send a separate email (don’t reply to the suspect message) and ask if they sent you a file or link. If they have no idea what you’re talking about, that’s a firm indication that you have a phishing email on your hands. Just delete it. Phishing is also now starting to take the form of text messages and phone calls, so treat those with the same scrutiny you would your email.

  4. Update your software. This means applications as well as operating systems. Software developers routinely discover vulnerabilities in their programs, either because a hacker uses it on one of their users, or one of their researchers finds it. When they find these vulnerabilities, they will release updates with patches to remove that weakness. Many successful hacks were only possible because the target was not up to date on their software patches. Any time you see your operating system or a program suggest an update, make sure you do it that day. Browsers are especially important to keep updated, as they are often the attack surface for hackers using a whole array of tools designed to exploit web browsers.

  5. Consider an MSP. An MSP, or Managed Service Provider, is a company that you farm out your IT to if you don’t have the resources to do it in-house. MSPs are usually a much more cost-effective option than having your own IT staff, and will do a lot of the heavy lifting for you, including helping you stay on top of many of the steps outlined above, as well as other computer problems you may encounter through day-to-day business. Some MSPs offer incident response as well, in case you do suffer a cyber attack of some kind.

  6. Conduct regular backups. By backing up your data, you remove some of the threat associated with a ransomware attack, since you can simply restore from a recent backup instead of paying the criminals the ransom. You can do this yourself, or have an MSP do this as part of their services. This technique is not foolproof though, as you may have important information that hasn’t been backed up yet, or the extortion may also involve the threat of releasing your data, which no amount of backing up can prevent.

    In addition, you may not know exactly when the malware got into your system, meaning that you could restore to yesterday’s backup, only to find yourself staring at the same ransom demand moments later, because the malware has been there for days, or even longer. Still, backups are a best practice and can save you from a lot of headaches in other situations, like a fire or flood that physically destroys computers on your premises.

So you have taken all the steps above to protect yourself from ransomware attacks. That’s great, and you are more prepared than the average business. But no defense is perfect, and one slip up with a phishing email, or one missed update can result in a hack. Even without a mistake on your part, hackers are developing more sophisticated tools now that can completely circumvent every defense you have and breach your security anyway. If that scares you, it should. Thankfully, there is a solution even if everything else fails and you are hacked.
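The phishing indicators listed in tip 3 (urgency, requests to verify account details, links and attachments that are not what they appear to be) can be turned into a simple screening rule. The following is an added example written for this page, not code from the original post or any mail product; the two messages it scores are constructed samples with made-up domains, and the keyword lists are illustrative, not a complete filter. It shows how a mail gateway or an employee-side checker might reason about a message before anyone clicks.

```python
import re
from dataclasses import dataclass, field
from typing import List, Tuple
from urllib.parse import urlparse

# Illustrative phrase lists; a real filter would be much larger and tuned to the organisation.
URGENCY = ("act now", "immediately", "within 24 hours", "urgent", "account will be suspended", "final notice")
CREDENTIAL_BAIT = ("verify your account", "confirm your password", "update your billing", "validate your login")
RISKY_EXT = (".exe", ".scr", ".js", ".vbs", ".bat", ".cmd", ".hta", ".iso")


@dataclass
class Email:
    sender: str
    reply_to: str
    subject: str
    body: str
    links: List[Tuple[str, str]] = field(default_factory=list)   # (text shown to the reader, real href)
    attachments: List[str] = field(default_factory=list)


def domain_of(addr_or_url: str) -> str:
    """Host part of an e-mail address or URL, lower-cased."""
    if "@" in addr_or_url:
        return addr_or_url.rsplit("@", 1)[1].lower()
    return (urlparse(addr_or_url).hostname or "").lower()


def registrable(host: str) -> str:
    """Crude registrable domain (last two labels): www.example.com -> example.com."""
    parts = host.split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host


def score_email(msg: Email) -> Tuple[int, List[str]]:
    """Return (number of indicators, human-readable reasons) for one message."""
    reasons: List[str] = []
    text = (msg.subject + " " + msg.body).lower()
    if any(p in text for p in URGENCY):
        reasons.append("urgency language")
    if any(p in text for p in CREDENTIAL_BAIT):
        reasons.append("asks you to verify or confirm account details")
    if msg.reply_to and registrable(domain_of(msg.reply_to)) != registrable(domain_of(msg.sender)):
        reasons.append("reply-to domain differs from sender domain")
    for shown_text, href in msg.links:
        shown = re.search(r"[a-z0-9.-]+\.[a-z]{2,}", shown_text.lower())
        if shown and registrable(shown.group(0)) != registrable(domain_of(href)):
            reasons.append(f"link text shows {shown.group(0)} but points to {domain_of(href)}")
    for name in msg.attachments:
        low = name.lower()
        if low.endswith(RISKY_EXT):
            reasons.append(f"executable attachment: {name}")
        elif re.search(r"\.(pdf|docx?|xlsx?)\.[a-z0-9]+$", low):
            reasons.append(f"double file extension: {name}")
    return len(reasons), reasons


def is_suspicious(msg: Email, threshold: int = 2) -> bool:
    """Two or more independent indicators is a reasonable point to hold a message for review."""
    return score_email(msg)[0] >= threshold


# Constructed samples (fictional domains) for demonstration.
PHISH = Email(
    sender="security@example-bank.com",
    reply_to="help@example-bank-support.co",
    subject="URGENT: your account will be suspended",
    body="Please verify your account within 24 hours to avoid interruption.",
    links=[("www.example-bank.com", "http://example-bank.co/login")],
    attachments=["Statement.pdf.exe"],
)
BENIGN = Email(
    sender="alice@example.com",
    reply_to="",
    subject="Notes from yesterday",
    body="Hi, here are the meeting notes from yesterday. Let me know if I missed anything.",
    links=[("meeting notes", "https://example.com/notes")],
)

if __name__ == "__main__":
    for m in (PHISH, BENIGN):
        n, why = score_email(m)
        print(f"{m.subject!r}: {n} indicator(s), suspicious={is_suspicious(m)}")
        for r in why:
            print("  -", r)
```

The point of scoring several weak signals rather than one strong one is exactly the advice in the tip: no single misspelling or "act now" proves anything, but a message that is urgent, asks for credentials, hides its real link target and carries an executable disguised as a PDF has earned a phone call to the supposed sender rather than a click.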

Cyber Insurance Coverage

Cyber Insurance is a vital component of any cyber defense strategy, and should be just as important to the continued success of your business as any of your other policies. Let’s go back to our question from before: who would you call if you do suffer an attack? When you secure coverage with a cyber insurance policy, you gain access to a whole team of professionals ready to come to your defense. Your business will have a 24-hour response team that can get started cleaning up the mess, as well as a negotiator who will engage with the hacker to get your data back, and even facilitate payment of the ransom if necessary, up to the amount of coverage your policy offers for payments. Once the worst is over, this team will also help restore your systems and get the malware out. Cyber insurance can even hire a Public Relations firm to manage the crisis and help your business restore its reputation after a breach.

If any client records were exposed in the attack, a cyber policy can pay for digital forensics to audit exactly what was exposed and whose personal data was available to hackers, as well as inform those individuals of the breach, and pay for credit monitoring for those individuals, which may be required after an attack. How many customers do you have for whom you keep any personal information? This could be email addresses, mailing lists, any password information including security questions, driver’s license numbers or other ID information, and miscellaneous data that could identify a client, customer, or employee. As a general rule of thumb, multiply that number by $200-$400 per person. That’s about what it would cost (at a minimum) to notify and remediate any breach costs to customers or employees.

Your business needs cyber protection. It’s the single greatest threat facing American businesses of every size, and the one most are least prepared to deal with. If you have a break-in, you can call the police; if there is a fire, you can call the fire department. But if you have a cyber incident, like ransomware, only a qualified team of incident responders armed with the skills to defend you and the funds to potentially pay a ransom can protect your business.

To find out how to protect your business today, click here.

Further Reading:

How to turn on Multi-Factor Authentication: Windows - https://docs.microsoft.com/en-us/microsoft-365/admin/security-and-compliance/set-up-multi-factor-authentication?view=o365-worldwide

How to turn on Multi-Factor Authentication: Google - https://support.google.com/accounts/answer/185839?hl=en&co=GENIE.Platform%3DDesktop

Password Managers

1. https://www.dashlane.com/plans

2. https://keepersecurity.com/