Cybersecurity is an important facet of operations that employers must deal with – data breaches can be costly, and malicious attackers are becoming more and more ubiquitous.
The different types of attacks by hackers are numerous and each uses different strategies to exploit weaknesses in a given digital system.
One of the most nefarious is the “ransomware” attack – here’s how to recognize it and how employers can mitigate its effects.
A Ransom Note
Ransomware is a specialized piece of software designed to hold data “hostage”. Much of it arrives in emails that look legitimate and encourage the recipient to download an attachment or click a link, either of which can deliver malicious software. This code can encrypt files on the infected device, making them unusable to anyone who doesn’t have credentials to “unlock” them. This is usually coupled with a demand for payment in order to have those files unlocked. It is a relatively easy attack to implement and has a high potential for profit – making it an attractive approach to cybercrime. Ransomware kits are even sold to potential perpetrators, lessening the skill requirements to launch an attack.
Criminals can also use the data they encrypt with the attack – anything useful will be lifted from the compromised device, which may include usernames, passwords, payment info, contact info, and more. Large and small employers can be attacked – on August 18th, the Carnival Corporation reported a hit from ransomware, which encrypted a part of their IT systems and extracted their data.
Attacks
Employer data is important – the first reaction, generally, is to pay the demand to get the data returned safely. However, employers will want to prevent attacks in the first place. After all, the average payout to attackers in 2019 increased to $41,000 (not to mention the other losses from the actual data being breached), a figure most employers would likely see as unsustainable. Having a prevention strategy in place would be a much more cost-effective solution.
As with many cybersecurity attacks, the first line of defense is the user. Learning to discern what is safe to open and download from what is not can mean the difference between prevention and catastrophe. Proper training on identifying malicious emails and links should be given to all employees, as well as information on the risks of using public WiFi – all avenues for a hacker to attack. Software created to identify the specific behaviors of ransomware does exist; however, it does not specifically prevent the attack, but only provides information on how to react after an attack has been made.
Backing up the system – locally and on a network – can be essential to preventing the ravages of ransomware. With a backup, the entire affected system can be wiped and restored with the backed-up data. Network segregation – restricting access to specific parts of the network to specific users – can also help. It can prevent the entire system from being compromised and mitigate the amount of damage that can be done.
With employer data becoming more valuable, protection is of the utmost importance. All cyber attacks can be devastating, and ransomware is becoming a more common threat as it becomes easier to use and more prevalent. Taking these steps to decrease ransomware attacks can be definitively beneficial to employers and their data.
For additional information and assistance regarding cyber security awareness, please feel free to contact your Preferred Loss Control Consultant, or visit the Preferred Risk Management Resource Center, which is available to all Preferred members who place their employment practices related coverages with Preferred (https://login.enquiron.com/pgit).
* Special thanks are given to Enquiron®, which has given us limited permission to reprint this article from the Preferred Risk Management Resource Center, which is available to all Preferred members who place their employment practices related coverages with Preferred.