Cyberattacks and cyber security
More than 200,000 computers in 150 countries were hit by the largest ransomware attack the world has seen last May 12, 2017. Cyber terrorism has become a major concern of business firms – large and small. The insurance industry has now started to cope with this major new factor in risk management.
What are the major things that every computer user should know about this new threat. Here are answers, provided to me by Lockton Philippines Insurance Brokers, to a few basic questions.
What is a cyberattack?
Cyberattacks are also called cyber campaign, cyber warfare or cyber terrorism in different context. This is employed by nations, groups, individuals or organizations that target computer information systems, infrastructures, computer networks or personal computer devices by various means by hacking into a computer system. It can range from simply installing a “spyware” on a PC to destroying the infrastructure of an entire nation.
What happened on May 12, 2017?
A form of ransomware called WannaCry (also known as WannaCrypt, WannaCrypt Or, Wcry and Wanna Decryptor) began spreading on May, 12, 2017. Investigators initially thought the malware was introduced into computer systems through phishing attacks. Now the method of introduction is not clear.
Once in the computer system, the malware spread easily to other computers because it took advantage of an exploit developed by the US National Security Agency called EternalBlue that makes use of a vulnerability in the Microsoft Windows operating system. WannaCry encrypts files on a computer and demands payment of a $300 ransom in Bitcoin to decrypt the files. The ransom increases to $600 if the $300 is not paid within three days. If that is not paid within seven days, the files are permanently lost. Some of the global victims of the attack included the UK National Health Service, FedEx, Nissan, Deutsche Bahn railway company in Germany and the State Police in India.
How did the Cyberattack End?
The cyberattack ended partly due to the efforts of Marcus Hutchins, a 22-year-old cybersecurity researcher known as “Malware Tech”. He discovered a kill switch in WannaCry in the form of an unregistered internet domain that could be registered by the cyber criminals to prevent the ransomware from functioning. There have been reports that the ransomware has reappeared in a form without the “kill switch” so it is likely that versions of the ransomware will reappear..
What should companies do to avoid becoming Ransomware victims?
There are several steps a company should take: • Patch systems regularly. As vulnerabilities come to light, companies like Microsoft quickly issue “software patches” that resolve them. The patches typically will not be Automatically installed so companies need to put procedures in place to ensure that they learn about and apply patches on a regular basis.
• Back up systems regularly. A ransomware attack can be quickly resolved by restoring the encrypted files from backup. Backups should be kept on a different system so that a ransomware attack cannot encrypt the backup. • Install and conscientiously update anti virus software. • Train employees to recognize phishing attempts to minimize opportunities for ransomware to enter computer systems.
• Ensure that the company has an incident response plan to follow when a ransomware attack takes place.
Can cyber insurance assist in a WannaCry Ransomware attack?
Cyber insurance can play a critical role in any ransomware attack. When the attack occurs a company must investigate what happened and take the necessary steps to end the event. Unlike the ransom demanded by the WannaCry ransomware, the costs incurred to evaluate and resolve an attack can be significant. Those costs can be covered under a good cyber policy. They may also be covered under a kidnap and ransom policy in addition to having coverage in place, the policies provide the added benefits of the insurers’ experience with similar situations.
What are cyber risks to business?
Every business – large or small – that uses a computer network has assets that can be compromised by cyber incidents. Here are some of the major examples:
Property damage. Equipment sustains physical damage in an attack. There will be an estimated 20 Billion connected devices by 2020 and experts agree that critical infrastructure will be at risk.
Network interruption. Businesses may be unable to operate after suffering a denial of service or phishing attacks.
Data corruption. Digital content is damaged or stolen in an attack. A cyber criminal can infiltrate a system through a phishing attack and delete a manufacturing code, for example. Besides business interruption, there will be costs incurred in data restoration.
Theft of intellectual property. The calculation of economic loss is elusive when it comers to theft of intellectual property. For example, Chinese hackers allegedly stole the radar designs and engine schematics for the Lockheed F-35 fighter jet. What remains elusive is how an insurer can model just how much damage can be inflicted on a defense contractor by the theft of proprietary intellectual blueprints.
Cyber extortion. Users are unable to access encrypted data until a ransom is paid.
Ensuing damage. Insurance coverage for ensuing damage is also important. For example, in food processing, most policies exclude a change of temperature in freezers. However, if hackers gain access to the controls and raise the temperature in a dairy’s freezers, an entire inventory of ice cream products can be ruined.
Cyber risk is no longer just about data. It now includes the whole spectrum of computer system security risk including system destruction, system infiltration and misuse, data corruption, business interruption property damage and even bodily injury. Governments and businesses must now fully integrate cyber into its risk management practices.
Creative writing classes for kids & teens
Young Writers’ Hangout for Kids & Teens on August 5 and August 19 (1:30-3pm/independent sessions). All sessions are at Fully Booked Bonifacio High Street. For registration and fee details text 0917-6240196 or email writethingsph@gmail.com.
Email: elfrencruz@gmail.com