Are you adequately insured in the event of a cyber attack? If the answer is NO, then you need to review your cyber-security urgently.
There is a consensus among tech experts that cyber-criminals are changing their tactics and getting smarter, as firms become better at defending themselves.
So, while the number of attacks may arguably be going down, the level of targeting and sophistication is steadily increasing. There are several ways in which ransomware can infect your computer network. One of the most common entry points is via a phishing email, where the malicious software (malware) is hidden in a hyperlink or a file attachment.
The phishing email’s sole purpose is to persuade the unsuspecting recipient to download an attachment, click on a hyperlink or hand over personal details or other sensitive data to gain access to a computer. Once ransomware gets into that computer’s network it typically encrypts files or locks computer screens until the ransom is paid. There is no guarantee, of course, that the attackers will unlock your computer system once you’ve met their ransom demands. They are criminals, after all.
It’s also becoming increasingly difficult to spot the difference between phishing scams and legitimate emails, as recent attacks on PayPal and Google demonstrate. Confronted with this evolving threat, employees have become the frontline in an on-going battle with cyber-criminals, so reducing their vulnerability to phishing emails must be a priority. This is where training and awareness are crucial to mitigate these online threats.
Manufacturers, hospitals, government agencies, legal firms, charities and schools are particularly susceptible to a ransomware attack, especially if they hold sensitive personal information that hackers can encrypt to extort money. These organisations also tend to have smaller IT security teams and a varied user base (such as homeworkers, contractors, etc) where a lot of file-sharing may take place, making it easier for hackers to find and exploit vulnerabilities in the organisation’s defences.
Our cyber-insurance specialists can work with you to design a risk management programme to provide protection for your organisation. For more information on how we can help, contact us today