Protect Your Agency from Ransomware
The biggest cyber threat to your agency in 2016 may not be a data breach, but a ransomware attack. I’ve had several agency owners tell me they have been a victim and have had to paid a ransom to get access to their compromised networks.
Ransomware is a type of malware that gains access to your computer system and makes either the entire system or the data on the network inaccessible by encrypting the information. The attackers then attempt to extort payment from the business in return for receiving the encryption key.
The healthcare industry seems to be especially vulnerable.
Incidents at Titus Regional Medical Center in Texas and the Hollywood Presbyterian Medical Center appear to be the start of a series of ransomware attacks on the healthcare industry this year.
Three California hospitals owned by Prime Healthcare Services, King’s Daughters’ Health in Indiana, Methodist Hospital in Kentucky, as well as Maryland/D.C.-based MedStar Health were all hit by or allegedly affected by ransomware in the past few months.
The reported amounts paid in ransom range from a few thousand dollars to $17,000.
- Virus Hits TRMC Computers
- Hollywood Hospital Pays $17,000 to Ransomware Hackers
- Two More Hospitals Struck by Ransomware, in California and Indiana
- FBI Investigating Cyber-Attack at Methodist Hospital in Henderson
- Ransomware Attack Hits Medstar Health, Network Offline
Is your agency secure? Unlikely!
Ransomware is not new. It first appeared when the Internet became more popular in the early 90s and had been around in various forms since. However, ransomware activity has significantly increased lately. Because acknowledging a ransomware attack involves owning up to vulnerabilities or mistakes, it is believed that only a small fraction of them are reported.
I talked to Mark Parrish, owner of Ajasent, a managed service provider that specializes in insurance agencies, to get his take on how ransomware is affecting his insurance agency clients.
During March, April, and May of this year, Mark received two to three calls per week from agencies that suffered a ransomware attack. This is the worst cyber-attack occurrence he has seen.
If an agency has not taken specific preventative steps to protect against a ransomware attack, his advice is to pay the ransom.
He suggests the following steps any agency can take to protect themselves:
- Have a backup (he received a call from an agent in Florida the week before I talked to him and that agency had never done a backup of agency data).
- Test your backup to make sure it is actually usable.
- Make sure you have a commercial grade virus protection program in place.
- Make sure you have a web filter to prevent your staff from going to malware sites. Malware sites account for 10 times more problems than viruses attached to emails.
- Have an agency-wide policy detailing expectations of staff for protecting the agency from any type of cyber-attack.
- Make sure everyone in your organization practices safe computing. Don’t connect to public Wi-Fi hotspots, be overly cautious about clicking on links in emails from unknown or unrecognized people, be very careful about opening email attachments even from people you know (their email could be compromised), and keep security software up to date – to name just a few.
- Think about creating and funding a Bitcoin account. Almost all require the ransom be paid using the cryptocurrency Bitcoin. It can take up to five days to set up a Bitcoin account. Many ransomware attacks will automatically double the amount of the ransom after two weeks. If you don’t have a plan in place, you could face a higher ransom.
Talk to your clients about how ransomware could affect their organization. While there is no insurance policy that I am aware of that will cover a ransomware attack, you can help them think through the risk management process so they can be better prepared.
Moreover, don’t be the cobbler with holes in his shoes! A ransomware attack could significantly impact your agency. Your organization will be better able to respond to an attack if you take the time today to think through your options and adequately prepare.
What have you done to plan for the possibility of a ransomware attack? Let me know in the Comments section.