
Are you in ‘Good hands’?

There is an insurance company that says you’re in good hands if you insure with them. The implication being that they look out for you and do what is best for you. I can’t speak from experience on their work or the truthfulness of that claim. We all have insurance of various types for one reason. We want someone to help us out when we have something bad happen to us. Health insurance helps with the cost of medical expenses; car insurance helps if we get in an accident or our car is stolen; boat insurance is there when your vessel sinks or somebody steals your fishing gear; and the list goes on.

Cyber Insurance

One type of insurance that more businesses are investing in is some form of ‘cyber’ insurance. Depending on your business, this can take on various forms. If you provide some sort of IT service that involves responsibility for customer data, you have liability considerations. You may insure against business loss in the event of ransomware or denial of service. As with other insurance, there is a wide variety of computer-related things that you may want to insure or insure against.

How would you feel if your health care insurance suggested a course of action that resulted in a possible quick cure, but one that would make you more likely to get sick again? Would you not question that decision from your insurance? We all appreciate the fact that insurance companies are not anxious to pay out money (that isn’t how they make a profit, obviously) so if two options exist, they will suggest the cheaper one first. If the more expensive alternative is better for you, you may have to work hard to get it covered.

Ransomware Can Be Expensive

Ransomware has put insurance companies in that position. You may have read about the costs incurred by various city governments to recover data when they refused to pay a ransom. For example, Atlanta spent $2.6 million rather than pay a $52,000 ransom. The Wired article made a good point:

“Paying the ransom upfront might have saved the City of Atlanta time and money—and on paper would have cost several orders of magnitude less than the eventual cure—but it’s not quite as simple a call as it seems. City officials had no guarantee that attackers would actually release their systems upon payment. Or even if the hackers did decrypt the infected devices, the city’s digital infrastructure could still have been weakened by the attack.”

There are a number of issues that arise in the wake of a ransomware attack. First and foremost, do you pay? Keep in mind that the FBI recommends you not pay the ransom. Also keep in mind that you are dealing with CRIMINALS. They say they will decrypt your files if you pay. It didn’t take long to encrypt them, so you may hope the decrypting will be as quick. This article cites one source that found 25% of payers did not get their files back. Another article says that 20% don’t get their files back. While some will say it is in the best interests of the ransomers to get your files back, I would not want to bet my business on their ethics. This article points out that as the less expensive route to go, insurance companies might recommend paying the ransom.

Should You Pay the Ransom?

Let’s take the optimistic view and say you pay the ransom and get your files back. What does the future hold? You have shown you have the means to pay. You have now told the ransomers that you are a valuable target. While most efforts after a ransomware attack center on the file recovery, what about the rest of your network? Just where did that infection come from? Is your network clean? Are there any lingering infections that will launch another ransomware attack? Even though you pay the ransom, this does not remove the need for remediation efforts. These cost time and money and can’t safely be ignored.

As many have said, paying ransoms encourages these types of attacks. Some high profile attacks have asked for huge ransoms, but most are set at a level that would probably be paid. If you are a small business, the ransom is unlikely to be set at $1,000,000. However, if you pay $5,000 once, you will likely be targeted again in the future.

I don’t know how cyber insurance works, but I would be surprised if you weren’t invited to take your business elsewhere if you were successfully attacked a few times. Insurance that pays the ransom may seem like an easy solution, but like many ‘easy’ solutions, it is not the best one. If you remember the Fram oil filter commercials of the ’70s and ’80s, their slogan was “Pay me now, or pay me later”. Having a good backup and recovery plan in place helps you position yourself to avoid paying ransom. Good security and user training help prevent infection. These things all cost money and time (“Pay me now”) that businesses are reluctant to spend because they are not profit-generating. The “Pay me later” part shows up with the cleanup after an attack, possible insurance rate increases, and lost time and productivity.

These can be tough decisions for a business but the right decisions will mean you are in ‘good hands’.  To learn more about security and data protection solutions, call Ashton Solutions at 216 397-4080.
