If you haven’t heard, over the July 4 weekend, a Russian hacker group targeted Florida-based software management company Kaseya. They succeeded in locking up the files of between 800 and 1,500 businesses across a dozen countries, before demanding a ransom of $70 million. The attack caused cash registers in Sweden to stop functioning and it shut down schools and pre-schools in New Zealand too.
The interesting thing here is that the ransomware attack didn’t rely on relatively ‘easy’ tactics, like we’ve seen in most cases in the past. Usually, you see hackers exploiting vulnerabilities like shared passwords, or gaining access through social engineering or phishing. Not in this case. This was a seriously sophisticated attack – and, if companies continue to pay ransoms, attacks like these may become increasingly common in the future. So, in a world where you have a limited cybersecurity budget, and threat actors with almost government-level sophistication, what do you do?
- Consider cybersecurity insurance.
The risk and costs of cybersecurity breaches are increasing every year, and cyber liability insurance can help you manage the financial risk associated with the current cyber environment. Since cybersecurity insurance products are relatively new, the coverage offered by providers does vary. You’ll often see coverage for things like data breach notifications, hardware and software repairs, your PR response, ransom costs, privacy lawsuits, regulator enforcement costs, breach of contract or negligence claims, and costs associated with credit monitoring.
If you’re concerned about your business’ ability to withstand the financial burden of a cyber breach, you should speak with your insurance provider. Regardless, we strongly urge businesses that store more sensitive data, like credit card details, social security numbers, health information, or information relating to children, to consider insurance.
- Invest in continuity planning.
The malware that infected computers in the Kaseya attack reportedly didn’t encrypt the downstream companies’ backups, which means that many of the affected companies have been able to restore their systems using their backups. In this case, while the techniques used to infiltrate the systems were sophisticated, it does look like the attackers dropped the ball by not encrypting or wiping the system backups.
Work with your IT provider and legal counsel to develop a robust continuity plan and make sure you are backing up critical data on a regular basis. It helped countless businesses here – and it may be what saves you from a ransom attack in the future.
- Train your team.
Your staff represents your biggest cybersecurity risk. While this breach was the result of a sophisticated hack, the reality is that most aren’t. Your team needs to be aware of cybersecurity basics – and you should have both strong internal policies and routine training in place to promote good cyber hygiene habits across all your users.
- Don’t underestimate the impact of multi-factor authentication.
Multi-factor authentication, and other basic cybersecurity practices, help to reduce the risk of unauthorized access to your servers. You should work with your IT team to develop minimum technological protections. Then, speak with your attorney to develop policies that ensure your team is aware of these protections – and is required to use them.
- Know what to do.
Don’t assume that cybersecurity breaches are an event that only happens to other businesses. If you have data, you’re a viable target. Every business should develop and stress-test a response to various cybersecurity incidents, including ransomware attacks and data breaches.
You will need to work with your IT team and your legal counsel to develop your response. This planning is critical to good cyber hygiene, so don’t delay! We developed a more comprehensive blog post on this topic, which is available here.
If you have any opinions, thoughts, or questions, feel free to comment on our social media post sharing this content, or reach out to us at firstname.lastname@example.org
If you’d like more privacy and security-related content, read it here.
Finally, don’t hesitate to reach out if there’s any topic you’d like us to cover. We’re here to help!