Cyber-attack: Are You Prepared to Pay the Ransom?

News broke on Friday that a massive ransomware attack had crippled businesses around the globe. Today, experts are anticipating that the same ransomware and potential new copycat attacks will continue to multiply as workers begin their weeks.

Ransomware is a form of cyber-attack where your computer data is encrypted, leaving you without access to your files. It is called ransomware because you are asked to pay a ransom to get your data back. Often, the ransom is demanded in online currency. While the ransoms demanded can be small in dollars, they can exact a huge price in impact to your business reputation. For instance, on Friday hospitals had their electronic medical record systems locked up through ransomware, causing surgeries to be canceled and patients to be turned away. A ransomware attack can cause you to lose business, not only from the day of the attack until you pay the ransom, but also going forward, through clients or customers who no longer trust your business's ability to provide services.

So, what can you do to protect yourself and your business against a ransomware or other cyber-attack?

1. Educate your users. Be it the president of your organization or the receptionist, everyone who is a part of your team needs to be educated to be cautious about opening attachments from suspicious senders or clicking on material from suspicious websites.  Constant education is the key to making sure your employees are prepared to act when a suspicious message comes across their desks.

2. Constantly apply updates to your systems and run anti-virus software. If your operating system issues a patch or an update, implement it immediately. Friday’s attack exploited a known Microsoft Windows vulnerability.

3. Have a plan. Work with your management team, your information technology department, and your outside legal counsel to make sure that you have a plan in place when the worst hits.

If you ask any business that has been hit with a cyber-attack – be it phishing, ransomware, or other malware – whether it anticipated being hit with an attack, the answer would likely be no. All too often businesses assume that it won’t happen to them. Unfortunately, it is no longer a question of “if” a business will be hit, but “when.”

What should you do if you are a victim of a cyber-attack like the worldwide ransomware attack?

1. Consult with your outside counsel. Work with outside counsel to develop a response plan. Why? Because having outside counsel help lead and direct your investigation can cloak the investigation in the attorney-client privilege or work product doctrine. This is important in case there is future litigation.

2. Consult with your insurance provider. Determine whether or not your insurance coverage includes protection for the event.

3. Unfortunately, you may be left paying the ransom. The likelihood of finding a key to unlock the encryption is extremely remote. Often your best bet for recovering data is simply to pay the ransom. But before you do, consult with outside counsel and your technical experts.

If you have any questions, our cyber security team stands by ready to assist.

Article brought to you by:

Elizabeth Burgin Waller
Principal
Cybersecurity Practice Group