Be informed, Be Alert, Be Prepared

Be informed, Be Alert, Be Prepared

Top tips on managing the threat of a Ransomware attack and the critical protection afforded by a Cyber Liability policy.

What is Ransomware?

Ransomware is a type of malicious software that encrypts or blocks access to system data and then demands a ransom be paid to release it. Typically, an attacker will spray thousands of systems at once, looking for vulnerabilities that would allow the software in. 

How common are Ransomware attacks?

Ransomware has become one of the biggest cybersecurity threats in the world. According to FBI statistics, hackers extorted over $209 million in ransomware payments in the first three months of 2016. The business of ransomware is on pace to be a $1 billion a year crime.

Recent research conducted by security firm Malwarebytes revealed that 54% of UK companies surveyed had been the target of a Ransomware attack with one-third of businesses losing revenue as a result. 

Although the sums demanded have historically been modest, or at least small enough for a business to swallow, they are steadily increasing. In addition, a business might run into even more financial trouble if system data is destroyed entirely, leading to significant business interruption. The Malwarebytes survey found that one-fifth of British companies who had been hit by ransomware were charged more than $10,000 to unlock their files, and 3% of the demands were in excess of $50,000.

Sophisticated targeting

Attacks are becoming increasingly sophisticated with a recent rise in so-called targeted extortion attacks. Rather than blanketing multiple systems with malware, attackers are targeting single systems holding valuable data and deemed to be vulnerable. Understanding the value of the targeted data hackers then demand much more for its safe release. This can create significant collateral damage and put an entire business in financial jeopardy.

Managing the threat:

Symantec predicted that we would see a 35 per cent rise in ransomware attacks in 2017. You must ensure you are prepared. The guidance below is by no means comprehensive but these are the basic steps that all firms should be taking.

  1. Don’t ignore the patches and upgrades that are available and apply them across all devices including mobiles and laptops.
  2. Make sure your firewalls are robust.
  3. Don’t let employees install software on their desktop PCs or laptops without authorization and restrict personal use of devices. It is believed that more than half of ransomware attacks on businesses start because employees are doing personal tasks on corporate devices, creating holes in security.
  4. Restrict which members of staff can access sensitive data.
  5. Back up data regularly to a secure server that is completely separate to the main system. This will usually allow the quick recovery of data, minimising the effect of a breach.
  6. Ensure that all your staff know how to respond.

The NHS’ approach to cyber security has been criticised following last week’s WannaCry attack.  Whether this criticism is fair or not, the approach of an organisation the size of the NHS is likely to be far more sophisticated than that in place in many smaller firms.   How many of you can hand on heart say that you are absolutely confident that you never ignore updates or that everyone in your business would know how to respond to a Ransomware attack?

If you can’t respond positively to these questions, then cyber liability cover really could be critical. 

Why?

  1. In response to a ransomware attack – a cyber liability policy would provide immediate access to a team of experts to help you manage the situation and to get your systems operating as quickly as possible.
  2. A cyber liability policy will provide business interruption cover.
  3. Third party losses resulting from a ransomware attack would currently be covered by a professional indemnity policy, but PI policies are largely untested in terms of their response to a cyber or data breach and this cover may not always be available.

Howden provides comprehensive cyber liability insurance to legal services firms and we offer discounted insurance rates for members of the Society of Licensed Conveyancers.  Premiums start at £270. 

Edward Donne

Director Professional Indemnity

Howden UK Group Ltd

[email protected]

020 7133 1247

This article was submitted to be published by Howden UK Group Limited as part of their advertising agreement with Today’s Conveyancer. The views expressed in this article are those of the submitter and not those of Today’s Conveyancer.

 

Howden UK Group Ltd

http://www.howdengroup.co.uk/en/business-products/professional-indemnity/conveyancers/

Howden’s Professional Indemnity division is one of the UK’s most respected and experienced Professional Indemnity Insurance (PII) broking teams.

Howden is the recommended insurance broker for members of The Society of Licensed Conveyancers and an official partner to The Conveyancing Association. We provide cover that is approved by the Council for Licensed Conveyancers (CLC) and compliant with the regulator’s minimum terms and conditions.

“We made a 33% saving on our Professional Indemnity Insurance premium for the year, for exactly the same policy terms as the CLC Master policy. The service was prompt and we received our insurance quote in good time before the deadline – which made a pleasant change. I would thoroughly recommend that all Licensed Conveyancers consider their professional indemnity insurance options very seriously. I am aware that other leading Licensed Conveyancing practices have also made significant savings and have been pleased with the served received.”

Lloyd Davies, Managing Director, Convey Law.


Contact: Edward Donne

Tel: 020 713 1300

Email: [email protected]

 

Leave a Reply

Your email address will not be published.

X