Is Your Business Vulnerable to a Ransomware Attack?

Did you know that businesses of all sizes have become targets of ransomware, and that it can infect not only personal computers but also entire networks and servers? Research from technology solutions provider Datto indicates that 20% of ransomware victims are small and mid-sized businesses. These attacks create massive business interruptions and can lead to significant reputational harm for the impacted business, ransomware attacks are particularly damaging. Luckily, there are ways to protect you and your adventure sports business from these potential threats.

What Is Ransomware?

Ransomware is a type of malicious software cyber criminals use to deny access to systems or data until a ransom is paid. After the initial infection, the ransomware attempts to spread to shared storage drives and other accessible systems. If the demands are not met, the system or encrypted data remains unavailable. In some cases, data may be deleted altogether.

Typically, the hackers behind the ransomware demand bitcoin—a type of digital currency that is difficult for police to trace. Experts recommend against paying the ransom. After all, there is no guarantee that you will regain access to your computer, network or files after you pay. Furthermore, by paying the ransom, you could be encouraging future cybercrimes.

How Ransomware Can Spread

There are different ways that ransomware can spread, including the following:

• Visiting imposter or unsafe websites
• Opening emails or email attachments from unknown sources
• Clicking on  suspicious links in emails or on social media

Examine Your Ransomware Exposures

In addition to  cyber insurance, a strong commitment to cybersecurity is crucial to protect your organization from ransomware attacks. Cybersecurity and Infrastructure Security Agency (CISA) recommends examining the following questions to determine if your organization is prepared to address the risks presented by ransomware:

1. Backups — Does your adventure sports business back up all critical information? Are the backups stored offline? Has you tested your ability to revert to backups during an incident?
2. Risk analysis — Have you conducted a cybersecurity risk analysis of your entire business?
3. Staff training — Have you trained your staff on cybersecurity best practices?
4. Vulnerability patching — Have you implemented appropriate patching of known system vulnerabilities?
5. Application whitelisting — Do you allow only approved programs to run on your network?
6. Incident response — Do you have an incident response plan in place for ransomware attacks, and has it been tested?
7. Business continuity — Are you able to sustain operations without access to certain systems? If so, for how long?
8. Penetration testing — Has your business or a trusted third party attempted to hack your own systems to test the security of your systems and your ability to defend against attacks?

If you feel like you have been involved in a ransomware attack or received  fraudulent charges, refer to the  Federal Trade Commission for more information. Don't leave your adventure business unprotected online while you're outside. Get the protection you need today and  request a free CBIZ Adventure Sport Insurance quote.

This blog may contain scenarios that are provided as examples only. In an actual claim situation, coverage is subject to the terms, conditions and exclusions of the policy issued. The information provided is general in nature and may be affected by changes in law or the interpretation of such laws. The reader is advised to contact a professional prior to taking any action based upon this information

Employment Practices Liability: Is Your Business Covered? Employment Practices Liability Trends to Watch in 2021