Cybercrime: The Rising Risk of Ransomware

Cybercrime is on the rise. The latest trends are seeing ransomware as the most prevalent type of cyberattack. Even if you have an IT team on hand, or use a cloud to store data, you are still just as vulnerable to cybercrime. Both Managed Service Providers (MSPs) and Application Service Providers (ASPs) are experiencing an increase in severe cyberattacks, as are most businesses in the UK. According to Checkpoint, a leading provider of research in cyber threat intelligence, the UK has experienced an 80% increase in ransomware attacks in the past quarter. MSPs and ASPs are a key target as they provide a gateway for hackers to a multitude of businesses and network servers.

What is “Ransomware”?

Ransomware is a type of malware (malicious software) cybercriminals can implement onto your computer systems. The software encrypts files kept on the besieged computer and demands that the user pay a ransom to the attackers to remove the restriction and retrieve their content. Some ransomware merely locks you out of the system and displays messages demanding payment. Others use highly sophisticated encryption mechanisms, making it impossible for you or your information technology companies to retrieve the encrypted data. Forensics teams and security experts try to bypass or decrypt the encryption. Many criminals threaten to publish or leak the sensitive data obtained to a wider network unless the fee requested is paid.

Cybercriminals will be quick to pounce if they notice any vulnerability in your IT network. Whether it is an open Remote Desktop Port (RDP), use of legacy software (such as Office 2010) or by use of a brute-force attack on your administrator’s login. These can be exploited when your systems are not fully protected and up-to-date.

Outsourcing your cyber and data management does not eliminate your risk to cybercrime.

Imagine your cloud storage provider was subject to a cyberattack, leaving all of your business’ data vulnerable for the taking.                                                                                      A very recent example of this was the severe cyber and data breach to ASP, cloud service provider, Blackbaud. The US-based company experienced a ransomware attack in May 2020, which affected many businesses globally. Blackbaud paid the ransom requested of them by the cybercriminals in order to retrieve their system and data. Their clients mainly consist of non-profit organisations and educational bodies. In the UK alone, 166 organisations have filed breach notifications to the ICO. Amongst these organisations were the Labour Party, The National Trust, multiple Universities, and charities.

Blackbaud had previously informed their customer base that:

“The cybercriminal did not access credit card information, bank account information, or social security numbers. Because protecting our customers’ data is our top priority, we paid the cybercriminal’s demand with confirmation that the copy they removed had been destroyed.”

However, the full effects of the cyberattack are still unknown, and have left many institutes and companies reeling, and fearing that highly sensitive information of their clients have in fact been leaked, due to (unexpectedly) unencrypted files being accessed. This attack has damaged Blackbaud’s reputation as the world leading cloud software company. The negative media attention, the respect, and trust lost from clients, all are detrimental effects any company would want to limit. Not to mention the reputational harm Blackbaud’s clients have also received due to having to notify their own customer base.

What can Cyber and Data Breach insurance do for you?

Having Cyber and Data Breach Insurance in place would issue your business with an extra layer of protection. Not only can it help your business with the financial repercussions of an attack, it can also provide you with a dedicated advice line so you know that you’re doing the right thing each step of the way. Cyber insurers can assist with the negotiation of ransom demands to potentially prevent a greater payment. They can provide forensics investigations to see how the cybercriminals gained access to your systems, and can even bypass or decrypt the ransomware. They can also assist with better risk management to prevent further breaches. Insurers would be on hand following the fallout of a cyberattack so your business can still function: Covering losses, helping to rebuild your systems back up, and also help with the legal and PR nightmare that may occur.

When it comes to protecting your business, it helps to have access to other businesses that you can rely on. Here at Firth & Scott, we can help you to protect your business against the aftermath of a cyberattack with a Cyber and Data Breach Insurance policy.

If you want to know more about protecting your business against cybercrime, please get in touch.