What would happen if your firm’s computer systems were hacked and encrypted with ransomware?
You scramble and try to find your policy documentation.
It’s here somewhere. I’m sure I’m covered…I mean, I think we’re covered. I better make sure.
You contact your IT Support company and your insurance company…
“You look after our IT support and we have business insurance, so we’re good to go if we have a breach, right?”
Insurance coverage can be confusing. And there’s an assumption that when you buy one policy, it covers anything that falls under the business. Cybercrime is likely not in there. Not only is it a relatively new issue, it probably is not covered by the policy that you have in place.
Most MSPs (Managed Service Providers) don’t offer dedicated Cyber Security solutions for when you are hacked or fall foul of a ransomware attack. In general IT support terms, they will have (we hope) a working backup with which they will attempt to restore the data (providing the backup wasn’t also encrypted). But rarely will they offer cyber security prevention and cyber security lockout policies, which often prevent the breach in the first place.
… So, it turns out that you actually don’t have either in place and, to be fair, you really should. Here’s why.
You are a small to medium-sized business. You know everyone at the office by name. They aren’t going to do anything to jeopardise your business and you know that they are all careful. Besides, you are a small firm that just deals with local businesses – nothing that a hacker would be even remotely interested in, never mind actually want…they are going to go after the bigger companies with something worth stealing…
Let’s say that one of your employees is going through their email and receives a link to update their word processing software. You don’t think it’s important enough to report to your IT support company; besides, it says it’s from Microsoft and so it must be OK. She needs to get a letter out today, so, wanting to be efficient, she clicks on the link to update the software so she can continue on with her work.
Unfortunately, the email was a phishing email that distributed ransomware to her system. But she doesn’t realise this and keeps working (as no alert is shown), all the while entering more passwords and giving more and more access to hackers. The malware is slowly spreading out to each workstation and across your entire network.
The next morning, you come in, everything is on lockdown and you’re being asked to pay a bitcoin ransom to access any files. What’s Bitcoin? You ring your IT support company to have them in to fix it. They have an emergency onsite service, but it’s going to be three times the normal hourly rate.
We could stop right here and you’re likely going to pay in one day more than you would have for annual cybersecurity support and cybersecurity insurance coverage. Unfortunately, the costs are just beginning to accrue.
Factor in the lost revenue from being unable to access your client records. You can’t deliver your services or products. Your customers obviously need to run their own business, so they have no choice but to find another company to help them. More lost revenue. This could go on for days. Those clients liked working with you, but they now have taken their business elsewhere and it’s working out fine, so why would they return? When asked who they do business with, they tell this story. Is there a price to put on restoring a damaged reputation?
One week later, you’re still not back online. The ransom amount was unobtainable, and even if you could pay it, there’s no guarantee that it won’t happen again next week. And who’s to say that, even if you did pay it, the hacker would restore your data for you at all?
You now need to secure your network, which will mean either re-installing the systems or replacing them. Add to this all of the time required to input all of the lost data (if you can find it) and, hopefully, to salvage all of the lost business.
Should we mention the investigation and notification process to your clients about what happened (cringe) and the required monitoring you need to offer in order to restore your business and good name?
Does that cyber IT support seem such a bad idea now?
Based in Kent since 2005 and with extensive experience of IT Support, Network Security and Cyber Security, Computer Rescue offers fast 15-minute response IT Support for Small and Medium-sized businesses with between 5 and 100 users.