You might have had problems with emails, online banking, or the checkouts at your shop may have stopped working. These aren’t just innocent glitches in the system. It’s the result of online criminals infecting servers with ransomware. How could it affect your business and what can you do to protect yourself?
Targeting the technology, not just businesses
You may be aware of the huge recent ransomware attack on a US software firm that had a disastrous impact on hundreds of businesses, both there and around the world. The first signs emerged on 1 July 2021, when media reported the Swedish Coop supermarket chain being forced to close 500 branches and workout how to restart systems after their checkouts stopped working. They were not alone. According to a BBC report, cyber researchers estimated over 200 companies had been affected by this attack, mainly in the USA.
However, the important fact to note here is that the attack was not directly targeted at Coop supermarkets or any single organisation or business. The cyber-gang ‘REvil’ infiltrated online managed service providers’ servers via a vulnerability in a VSA application (used to monitor and visualise data) provided by software firm Kaseya. Coop did not even use Kaseya’s VSA themselves – but one of their software providers did.
Cyber criminals have realised they can have a far greater impact not by targeting specific organisations, but by attacking certain elements within our online infrastructure. The platforms, gateways and connections that we have all come to rely on for our everyday lives. A compromise within one large IT company in the USA can and will have a profound impact on digital systems worldwide.
If you are concerned about how to stay up to date and secure your financial IT systems, then it may be helpful to get in touch with us. Our SB Digital service, Risk & Assurance assessment team and Cyber Insurance policies can all work together to help you get the protection you need.
How cyber attacks can affect businesses
A successful cyber attack can affect a business in three ways, each carrying long-lasting implications for your bottom line.
- Suspension of business
While your files are locked and your servers shut down, you will not be able to process transactions or fulfil orders in the usual way. Your website won’t function, your payments won’t work and you will be losing sales every minute that your systems are out of action. You might not even be able to access bank accounts or payroll, leaving your employees and suppliers – as well as your customers – in limbo until the matter is resolved.
- Rebuilding your systems
If your digital service provider is able to implement a quick solution, perhaps involving a change of IP address and an increase in cyber security, then you will have been lucky. It has been known for companies to have to entirely rebuild their online estate and processes, which can come at a huge cost financially and involve considerable extra working hours to notify users of changes that affect them. It can be difficult to recover from the double hit to your finances unless you are insured.
- Erosion of customer confidence
The damage to a business’s reputation in the aftermath of a cyber attack can be colossal. The perception of being ‘infected’ or unsecure is a very difficult one to shake, especially if customers’ data or personal information has been leaked to hackers. It can be a big challenge to overcome the stigma of having been hacked, to retain customer loyalty and continue to make sales.
Not just the big conglomerates
Ransomware typically targets businesses by running a programme that encrypts online files, images and information until a sum of money, usually in a cryptocurrency such as Bitcoin, is sent to the gang responsible. However, this is not just a problem for large organisations.
You will often find emails cropping up in personal or employee accounts where a malware programme has sent automatic messages to all the contacts on an infected server. These will typically imply that a third party has gained access to the recipient’s webcam and recorded incriminating footage that will be sent to all their contacts unless they pay them money.
In almost all cases, this is a smokescreen designed to cause panic and no footage exists. However, the presence of the email itself implies that one of your contacts, or a company that keeps your email on file, has been compromised. This only serves to emphasise the importance of robust systems and processes.
What can you do to protect yourself?
With ransomware attacks on the increase, it’s important to constantly keep cyber security and crime prevention in mind as part of your day-to-day operations. Some solutions are simple, others more complex. There are a number of straightforward but effective basic prevention measures you and your colleagues can take, including:
- Think before you click
Does the link look legitimate? Would you have expected that attachment or that message from a manager or colleague? Is the language used too general, pushy, or slightly stilted? Cyber criminals will try to get a fast response, so think twice before trusting a link.
- Keep your password to yourself
It sounds obvious, but you would be surprised how casual some people can be about passwords. Your password is unique to you. Never share it, nor write it down. It’s also advisable to change passwords on a regular basis to protect against your current passwords already being on a leaked list.
- Examine the email sender
HMRC has announced that there were 365,000 phishing email scams reported in the UK in 2020. A malicious email may look legitimate on the surface, but closer examination of the sender’s email address often reveals it’s not who it appears to be. If in doubt, contact the organisation directly – they will usually be happy to clear up any doubts and learn of scams being committed under their name.
- Report it
If you are uncertain about any emails you receive, or spot suspicious aspects of their content or address, report it to your IT department or contractor. They should have systems in place to detect and delete malicious emails.
The list above outlines a few simple actions that anyone can take to protect themselves against malicious attacks made directly via email. There are more complicated digital solutions to detect hacking attempts through other means, often via third-party software, but you should always contact an independent qualified expert for their advice. Only an experienced professional specialising in cyber security will be on top of all the current developments in this field and be able to advise you on the right solutions for your particular circumstances, so having a cyber insurance policy in place can give you access to professionals who can get your business back up and running as quickly as possible.
Improved, robust systems
It’s much easier to protect your business against ransomware and other malware when you have robust systems and processes in place to ensure your digital environment is as secure as it can be.
Our SB digital service specialises in assessing a business’s financial software, networks and automated systems. Where necessary, we’ll make recommendations that will not only improve your organisation’s performance but also its online security, so that you will know exactly how secure your systems are and also how to spot when something is awry.
Additionally, our Risk & Assurance service will give you a complete overview on your organisational systems, both online and off, so that you can see precisely where any gaps in your security might be. As well as assessing your financial exposure and liabilities, we can identify vulnerabilities in your third-party software, second-level authentications, password procedures or simply the human actions of your colleagues and staff.
In every case, we can provide impartial, professional advice, auditing existing frameworks and helping clients implement more robust systems where required.
Are you covered for a ransomware attack?
No matter how watertight your own systems might be, there will always be factors outside of your control. For many businesses, it is not a case of what to do if a cyber attack occurs, but when.
Any business operating today – using online systems and digital services to manage their delivery, keep records, process transactions and stay in touch with their customers – could be vulnerable to online attacks. Whether you work in a high-tech environment or simply keep your invoices in a spreadsheet, a cyber-attack which stops you accessing your data or using business-critical software could prevent you from operating for days, weeks or even worse.
Especially where customers’ personal data could be leaked to hackers, companies have a huge responsibility and could be liable for considerable fines if found to have failed to take all possible steps to protect themselves.
Scrutton Bland’s insurance team can talk to you about finding a ‘cyber insurance’ policy that’s right for you and your business, which is specifically designed to protect you from financial losses due to business interruption, rebuilding your systems or financial penalties. As well as covering the direct impacts discussed above, you could also be insured for data breach, crisis communications, loss or damage to data, telephone hacking and phishing. It can also help in the event of human error, such as possible copyright infringement by using an unlicensed image on your website, or a laptop left on a train.
To talk to someone about cyber crime and your systems
Whether you need support with existing software, or are unsure which financial technology is right for your business, please don’t hesitate to contact us. All initial discussions are free of charge, with no obligation.