Keeping on top of ransomware attacks

Following the extensive coverage on cyber attacks in the news over the last few days, Matt Webb, Group Head of Cyber at Hiscox comments on the WannaCry ransomware:

"We have seen a rise in ransomware attacks over the last 24 months. Generally these incidents are resolved fairly quickly; for example if the insured has good IT hygiene they can simply restore from back-ups. They are normally small, but Friday’s incident exploits a Microsoft vulnerability which has allowed the malware to spread more easily". 

"Hackers are incredibly crafty at exploiting vulnerabilities. But there are three things businesses can do to keep on top of ransomware attacks; Firstly, have good back up procedures in place to aid recovery. Second, keep patching up to date. Last, do regular phishing training with staff".

"Costs to businesses are not limited to any initial ransom payments. These are typically a smaller part of a claim compared to the cost of restoring data and business interruption". 

"Friday’s events remind us how devastating ransomware attacks can be and how quickly they can spread".

Helping your clients manage cyber risk
Hiscox Cyber and Data Insurance will protect your clients from ransomware attacks, typically under three areas:

  • Cyber extortion - expert fees to investigate the situation as well as reimbursement of the ransom
  • Hacker damage - the costs to repair and reconstitute computer systems, programmes and data
  • Cyber business interruption - increased costs of working and loss of income due to being unable to use computer systems, programmes or data.

The Hiscox Cyber Readiness Report 2017
A Hiscox study of 3,000 companies in the UK, US and Germany revealed more than half (53%) of businesses in the three countries are ill-prepared to deal with cyber-attacks. The Hiscox Cyber Readiness Report 2017 assessed firms according to their readiness in four key areas – strategy, resourcing, technology and process – and ranked them accordingly. While most companies scored well for technology, fewer than a third (30%) qualified as ‘expert’ in their overall cyber readiness. Read the full report above.