The Reschini Blog: The Ramifications of Ransomware
It’s one of the oldest plots in the movies. A person or object of great value gets kidnapped. Money or some other form of tribute is demanded. And either the ransom gets paid, or a rescue ensues. The end, curtain down, talk about the film on the ride home. Nice and tidy.
Until it happens in real life, and the true impact of ransomware – the infiltration of your computer system, complete with unwanted access to your most sensitive information – becomes all too clear.
And don’t think it couldn’t happen to your small business. Ransomware strikes at systems large and small. In fact, a small contractor servicing a large corporation can serve as one of the easiest “back doors” for a hacker to make an enormous score.
In 2019, the Internet Crime Complaint Center (IC3) received 2,047 complaints identified as ransomware, with losses in excess of $8.9 billion. That’s billion. With a “b.” Even while citing those statistics, IC3 also insists that instances of ransomware remain vastly underreported, so the true total of losses is probably much higher.
Intricate, elaborate, expensive software systems designed to block sophisticated ransomware attempts can be effective, and have real value in the ongoing fight. But it’s also important to remember that ransomware hackers can gain all the access they need by the simplest of methods, as well. A targeted phishing attack that gains the credentials of top managers can parlay that information into a quick and substantial ransom payment.
So how to avoid the chilling and costly incidence of being held for ransom by outsiders capturing your proprietary data? Establish a relationship with federal law enforcement authorities and trusted organizations like the non-profit National Cyber Forensics-Training Alliance (ncfta.net), conduct continuous employee awareness training that includes top officials of the company, increase knowledge of ransomware tactics and trends to stay ahead of the threat, and review your insurance coverage against losses attributable to ransomware attacks.
The professionals at The Reschini Group can work with you to audit your exposures and craft a policy package to provide the proper level of protection.
Because being held for ransom is not a plot device in a movie that you can walk away from. It’s all too real.
Copyright 2021 The Reschini Group
The Reschini Group provides these updates for information only, and does not provide legal advice. To make decisions regarding insurance matters, please consult directly with a licensed insurance professional or firm.
How to Recover from a Cyber Attack
Recovering from a cybersecurity incident can be a daunting undertaking, especially if you’ve lost information that’s critical to running your business. But you can limit the damage to your company and your reputation by developing a solid recovery plan in advance.
Conduct a full, encrypted backup of your data on each computer and mobile device at least once a month, shortly after a complete malware scan. Store these backups at a protected, off-site location. Save your encryption password or key in a secure location separate from where your backups are stored. Many software applications will allow you to encrypt your backups. With your backups in place, if a computer breaks, an employee makes a mistake, or a malicious program infects your system, you’ll be able to restore your data. Without backups, you’ll have to manually recreate your business information from paper records and employee memory.
It’s essential to back up data such as:
- Word processing documents and electronic spreadsheets
- Databases, especially customer relationship management (CRM), financial, human resource (HR), and accounts receivable (AR)/payable (AP) files
- Product design and manufacturing data
- Other operational technology (OT) data such as machine and process condition monitoring and analysis
- System logs and other information technology (IT) information
Don’t worry about the software applications; just focus on the data. Store your backups on an external USB hard drive, other removable media, or a separate server. Use caution when selecting a partner if you decide to store your data online, and encrypt all data prior to storing it in the cloud.
Hard-drive backups should be large enough to hold all your monthly backups for one year. Create separate folders for each computer so you can copy your data into the appropriate folder on the external drive. After your backups are complete, test them immediately to ensure your efforts were successful.
Like flood or fire insurance, you can purchase cyber insurance for your facility. These services can help you recover from an information security incident more quickly and effectively and may cover the cost of:
- Cybersecurity expertise to assist in identifying the extent of damage caused
- Consultation to help investigate the incident and report it to the appropriate authorities
- Loss of revenue due to downtime
- Legal fees, fines, and penalties incurred
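
The monthly backup routine described earlier (one folder per computer, a year of monthly backups, and an immediate test), sketched in Python as an added example that is not part of the original post or the NIST article. The function names and the `YYYY-MM.tar.gz` naming are assumptions; encryption is left to the backup tool and is not shown.

```python
import hashlib
import tarfile
from pathlib import Path

def sha256_of(stream):
    """Hash a binary stream in chunks so large files are not loaded into memory."""
    digest = hashlib.sha256()
    for chunk in iter(lambda: stream.read(65536), b""):
        digest.update(chunk)
    return digest.hexdigest()

def files_in(source_dir):
    """Map each file's relative path (POSIX style) to its location on disk."""
    root = Path(source_dir)
    return {p.relative_to(root).as_posix(): p for p in sorted(root.rglob("*")) if p.is_file()}

def backup_computer(source_dir, drive_root, computer, month):
    """Write <drive_root>/<computer>/<YYYY-MM>.tar.gz and return its path."""
    folder = Path(drive_root) / computer      # separate folder for each computer
    folder.mkdir(parents=True, exist_ok=True)
    archive = folder / f"{month}.tar.gz"      # assumed naming: one archive per month
    with tarfile.open(archive, "w:gz") as tar:
        for rel, path in files_in(source_dir).items():
            tar.add(str(path), arcname=rel)
    return archive

def verify_backup(archive, source_dir):
    """Read the archive back; return source files that are missing from it or differ."""
    found = {}
    with tarfile.open(archive, "r:gz") as tar:
        for member in tar:
            if member.isfile():
                found[member.name] = sha256_of(tar.extractfile(member))
    problems = []
    for rel, path in files_in(source_dir).items():
        with path.open("rb") as fh:
            if found.get(rel) != sha256_of(fh):
                problems.append(rel)
    return problems

def prune_old_backups(drive_root, computer, keep=12):
    """Keep the newest `keep` monthly archives (one year) and delete the rest."""
    archives = sorted((Path(drive_root) / computer).glob("*.tar.gz"))
    stale = archives[:-keep] if keep else archives
    for old in stale:
        old.unlink()
    return [p.name for p in stale]
```

Run `verify_backup` right after `backup_computer`, before anyone edits the source files; an empty list means every file was read back from the archive with a matching SHA-256 digest.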
The Reschini Group can help you navigate the ever-changing world of cybersecurity. Contact us today to discuss your situation.
Copyright 2020 The Reschini Group
Excerpted from: https://www.nist.gov/blogs/manufacturing-innovation-blog/how-recover-cyber-attack