Ransomware attacks - how to protect your business
You will have seen over the past week a number of organisations in the UK and elsewhere suffering from hacking, ransom demands and blocking access to systems resulting in the closure of production facilities. Whilst news is still filtering in, we have gathered some information on what happened and actions you may wish to take to protect yourselves.
Ransomware is a type of malicious software that blocks access to a computer or its data and demands money to release it. The malware used in Friday’s attack, dubbed WannaCry or WanaCrypt0r, encrypted more than 200,000 computers in more than 150 countries demanding ransoms of $300 to $600 to restore access. It exploited an unpatched vulnerability in the unsupported Windows XP operating system, and was activated when users reacted to an email. While ransomware is a common cyber threat, the size of the attack has not been seen before.
What should you do if impacted?
- You may wish to patch the Microsoft update and follow their best practice at the Microsoft blog
- If your systems are compromised you should contact your IT vendor. If you do not have any IT support we encourage you to call the 24/7 cyber incident hotline run by NCC Group 0161 209 5148 or email email@example.com.
Oliver Gower, Deputy Director of the NCA’s National Cyber Crime Unit has stated: "Victims of cyber crime should report directly to ActionFraud. We encourage the public not to pay the ransom demand.”
What should you do to minimise your exposure to these risks?
- Ensure all systems have the latest security updates applied.
- Confirm data backups are recent and maintained regularly, whether by yourself or your outsourcers.
- Through user training, ensure employees are aware of the key cyber risks and are aware of “phishing” emails and other common attack vectors – such as the “fake president” email.
- Purchase a Cyber Insurance policy to transfer some of the financial risk and secure 24/7 incident response assistance.
Cyber Insurance – how can it help?
For those businesses that had to shut down their operations over the weekend, the business interruption costs will be significant, not to mention the costs of the IT support, consultants and the ransom. Given what we know about the risks, we have been working on an exclusive Cyber policy for Arthur J. Gallagher clients which we will be launching in June.
This product is specifically designed for UK businesses, with turnover up to £100 million and is easy to apply for and obtain terms. For those with larger turnovers and global risks, we have a bespoke solution available with well-known market specialists.
If you have any questions about cyber insurance, please contact your usual Arthur J. Gallagher Account Executive or get in touch via the details below.