In a recent cyber security lawsuit, an insurance company is being sued by a law firm for $700,000 in lost income following a ransomware attack.
The insurance company refused to pay $700,000 in lost billings after the ransomware attack. According to the law firm, it was hit with ransomware last year after one of its lawyers opened an infected attachment.
The law firm agreed to pay the cyber criminals the $25,000 ransom to unlock its files; however, the process took three months. They had to negotiate terms and establish a bitcoin account. After it all failed, they had to renegotiate and pay additional money because the first decryption tools did not work.
During this entire period, the firm alleges its 10 attorneys were left unproductive. They claim this resulted in a loss of $700,000 in billings to the firm. The insurance company stated it paid the maximum policy limit of $20,000 for losses sustained from computer viruses. They also stated that the law firm’s loss in business income does not meet its policy requirements.
Insurance Company is Being Sued by a Law Firm Due to Ransomware Attack. How do you avoid all this?
- Train your employees – Provide proactive user awareness training and friendly testing. This will reduce the human attack element and protect your business. Great training video from ESET – What is ransomware and how can I protect myself?
- Keep it updated – Maintain a proactive and comprehensive patch management program that will keep all systems updated.
- Keep it limited – It is important to limit access privileges to the network and network drive connectivity. Keep access to a minimum so that it covers only the resources essential for each job's requirements.
- Keep Backups Updated – Always maintain daily backups onsite and offsite. You should store them offline as many ransomware variants will spread through drive shares and can even reconnect a disconnected drive share. Backups should be tested and verified.
- Keep It Separated – Just like the larger companies with internal IT departments, have your managed IT services or IT consultant use network segmentation with authentication. This will require a user to enter a password before traversing the network.
- Layer Your Security Measures – You should have multiple layers of security to protect your organization. Ensure you are deploying advanced threat intelligence tools, such as next-generation firewalls like SonicWALL. Threat intelligence can be used to identify IP addresses of known command and control sites. Blocking these sites can potentially prevent malware from being able to establish its encryption routine. The benefits of business antivirus software include a centralized management console, protection for all devices, internet security, and protection of files and email.
If you do not want to be part of a headline like “Insurance Company is Being Sued by a Law Firm Due to Ransomware Attack”, it is important that you look at the six simple steps above. It is not known how many of these steps were being used; however, step four would have given them the ability to restore files and not pay the ransom.
Our complimentary network and security assessment can put your IT infrastructure and business to the test.
365 iT SOLUTIONS is Toronto’s leading IT consulting boutique firm. We deliver industry leading IT solutions with our Canadian team delivering Managed IT Services, IT Support Services, IT Outsourcing Services, Tech Support Services and Cloud Services.