The Modern Risk of Ransomware and How to Protect Against It

Between Petya, WannaCry, and NotPetya, it appears that we now live in an age where the threat of ransomware is uncomfortably real. Find out how you can mitigate your risk with Econorisk by your side.

In mid-May, the UK’s National Health Service (NHS) was hit by a form of malware. But, instead of stealing data or spamming the server, this malware simply restricted access to the NHS’s files, which meant that patients had to be turned away from hospitals. Within a short space of time – around a day – companies like FedEx, Renault, and Spain’s Telefonica had been hit with the same encrypting malware, denying access to their files. The malware was a form of ransomware called WannaCry, and its spread marked the beginning of a new era in cybercrime.

WannaCry operated in the same way as most malware does, in that it encrypted the files on the computers it targeted and demanded a ransom – between $300 and $600 in bitcoin – to decrypt the files. Security services jumped on the attack and had all but controlled it after 4 days.

However, just a matter of months later, a new form of ransomware has emerged. Though possibly less global than WannaCry, this new ransomware, named NotPetya, is more advanced.

Disguised as a new strain of Petya, which is a ransomware that was discovered last year, NotPetya uses the same exploit that WannaCry did. However, instead of encrypting the files on the affected computer, it is believed to wipe them. NotPetya still requests a ransom in bitcoin, but experts believe this is just a disguise.

What NotPetya Means for the Future

1. No One Is Safe
Ransomware used to be targeted largely at individuals, but this is no longer the case. With businesses having access to far more funds, they have become a common target for cybercriminals. However, that does not mean that smaller companies and individuals are now safe. Ransomware adopts a completely random method of targeting, meaning that anyone and everyone is at risk. And, with South Africa being among the top 5 most targeted countries for phishing attacks (according to a 2014 Symantec study), we are certainly on the radar.

2. Payment Is Not a Safety Precaution
There are rumours that some companies are keeping their bitcoin wallets full as a contingency plan. But, payment is not a good defence against ransomware. Aside from the fact that it perpetuates cybercrime, there is no guarantee that the criminals behind the attack will decrypt the files after payment. And, with NotPetya appearing to be a wiper as opposed to ransomware, loss of files is possible whether payment occurs or not.

3. Ransomware Is Here to Stay
WannaCry affected over 300,000 computers in 4 days, bringing down some major corporations. And, while it didn’t make an excessive amount of money, more sophisticated strains of ransomware could prove far more lucrative. Between Petya, WannaCry, and NotPetya, it appears that we now live in an age where the threat of ransomware is uncomfortably real.

How to Protect Against Ransomware

Of course, you need specialist IT security services at your disposal when it comes to ransomware. But, due to the success of recent strains, these can be overcome. So, to prevent against loss of profits due to data breaches and system downtime, you need specialist insurance solutions. Such insurance can help with the following costs:

  • Decryption services, which can help recover encrypted data without paying the ransom.
  • The ransom, which can be excessive but must be paid in some cases.
  • IT investigation, which can help discover how a system was infected and prevent against further attacks.
  • Post-attack PR, which can ease the minds of clients and prospective customers concerned about the attack.
  • Liabilities, which may result from the ransomware affecting the businesses of clients.
  • Loss of earnings, which result from the period of data unavailability.

Choose Econorisk to Help You Secure Your Data

Founded in 2001, and with branches across the nation, Econorisk is the right company to help you protect your company against the losses that come with ransomware. A leader in independent risk and insurance advice, we have the experience necessary to tailor-make your ideal cyber insurance package.

For more about our brokerage, or to begin protecting your business from cyber-crime today, please contact us or stay tuned for updates from the bespoke Econorisk Breakfast Risk Series.

Econorisk offers risk management for cyber threats

Share This Story, Choose Your Platform!