Cyber risk and, particularly, the risk from ransomware appears on everyone’s top risks list these days, including ours. The threat from a ransomware attack has rapidly increased over the past nine months, as many organizations continue to “work from home” which can come with more relaxed cybersecurity practices. As we go further into 2021, cybercriminals will continue to become more sophisticated, forcing these organizations to waste resources reacting to a ransomware attack.
Despite being full of positive, useful and educational information, the internet is chock-full of potential dangers, and your children can unintentionally get into quite a few uncomfortable and, sometimes, dangerous situations. These risks are even more prevalent now, as many parents are working from home and children are attending classes remotely. As highlighted in our past blogs on this topic, if you have a standard Homeowners policy, you will likely have little protection from the legal liabilities that can result from inappropriate actions via the internet. So, what can you do?
As companies had to quickly pivot and implement a remote work plan (a lot of them did not have such a plan in place) due to the ongoing COVID-19 pandemic, they became more at risk for a cyber attack and/or breach due to the vulnerabilities they did not even know they had. As a result of this there has been an uptick in the success rate of cyber attacks in the United States.
Coalition Inc., a cyber insurance provider, recently released their H1 2020 Cyber Insurance Claims report that noted a decrease in the frequency of ransomware claims however, its policyholders have experienced a 100% increase in average demands from 2019 to the first quarter of 2020, then an increase of 47% from the first quarter to the second.1
During every national emergency situation, there are always scammers who look to capitalize on people during times of distress. Scammers have already begun to take advantage of the current state of emergency due to the Coronavirus pandemic. Similar to Hurricane Sandy in 2012, phishing scams have begun to plague our inboxes. Coronavirus phishing scams may come in the form of a statement or request from someone impersonating a Centers for Disease Control (CDC), World Health Organization (WHO), or similar agency official. They may even use domain names similar to those of the CDC and WHO.
Multiple sources reported yesterday that hackers encrypted files on computers belonging to the city of Newark and have demanded $30,000 worth of Bitcoin to restore them.
Ransomware strikes. Your critical data files have been encrypted and your business grinds to a halt. Do you:
a) spend countless hours rebuilding from backups (if you were diligent enough to ensure they'll work) or
b) pay the perpetrator to unlock your files?
Now that ransomware is spreading like wildfire through malicious emails, "malvertising" campaigns, and exploit kits, many firms and individuals face this exact scenario.
Most companies today opt to distribute their employees’ W-2 tax forms electronically; either through email or some type of download service. Because these forms contain a good deal of Personally Identifiable Information (“PII”), such as name, address, social security number and salary information – cyber thieves are using several simple, yet, tried-and-true methods to fraudulently obtain them.
2016 was a big year for ransomware. It saw a massive increase in ransomware events and payouts to criminals, which, most experts say, only exacerbates the issue.
A 2015 report by the Herjavec Group (an Information Security company) noted that the total cost of ransomware reached $1 billion in 2016. With new “strains” of ransomware spreading worldwide (such as the Russian “spora”), we should all be on high alert for this business-impacting cyber threat.
In Part 1 of this post, I noted that ransomware events are occurring much more frequently; as many as 4,000 a day since January 1st of 2016. We took a look at some preventative measures that may protect your company and its network/data against a ransomware event.
The U.S. Department of Justice stated that “More than 4,000 ransomware attacks have occurred daily since January 1, 2016. This is a 300 percent increase over the approximately 1,000 attacks per day seen in 2015.”
Essentially, no particular user, company or business sector is safe. Although the Healthcare and Retail industries are targeted for their volume and value of data, home computers may also fall victim to ransomware.