Dear David: How Can I Protect My Company From Ransomware Attacks?


Dear David,

I am a small business owner who recently sustained a ransomware attack. The attack encrypted our company’s data and created considerable expense. For example, without access to client data and appointment logs, all upcoming appointments were lost. I have an offsite backup, but it too was compromised. At that point, I hired a forensic computer expert and paid the ransom since it was the only way to retrieve the encrypted data. Unfortunately, 15% of data was unrecoverable, so the staff worked around the clock to recreate it at considerable cost. How can I protect my company in the future from such a disruptive, time-consuming, and expensive ordeal?

Dear Encrypted,

Electronic vandalism is on the rise and creates significant challenges for business owners. The great news is there are steps you can take to protect yourself. While our focus here is on a ransomware attack, bad actors do target businesses using a variety of other scams. Previously, David Princeton co-authored an article for Wisconsin Lawyer Magazine that can be found here.

Let’s start with how a ransomware attack works. First, bad actors spend their day sending infected email attachments and links. The attachments and links come from email addresses that appear authentic, so in a rush it is easy to click. When an employee opens the attachment, the virus spreads through the network and encrypts the data. Then, because the backup copies the encrypted data and writes over the prior day’s backup, the backup becomes compromised. At this point, options are limited to re-creating the data or paying the ransom. Tragically, even paying the ransom may not get all the data back. So, how can you protect yourself?

First, enact proactive strategies. Employers should phish test employees. So-called “white hat” firms send realistic but fake phishing emails to test employees’ computing practices. This practice raises awareness about the various forms a phishing attack can take. It also gives leadership meaningful baseline metrics so it can work with employees to improve security behaviors. Additionally, ensuring anti-virus software is up to date and adding a hard drive backup can provide even more protection.
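The failure described above, where the backup copies encrypted files over the prior day’s good copy, can be avoided by writing dated snapshots and refusing to run when the source suddenly looks encrypted. The following is an added example, not part of the original column; the function names, thresholds, and the entropy heuristic are assumptions chosen for illustration.

```python
import math, shutil
from collections import Counter
from datetime import date
from pathlib import Path
from typing import Optional

ENTROPY_LIMIT = 7.5  # bits per byte; assumed cut-off (encrypted data sits near 8.0)
MAX_TURNED = 0.3     # assumed: stop if over 30% of known files turned unreadable
KEEP = 7             # assumed number of dated snapshots to retain

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; 0.0 for empty input."""
    n = len(data)
    if n == 0:
        return 0.0
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def high_entropy(path: Path, sample: int = 65536) -> bool:
    # Files under roughly 1 KB cannot reach the limit, so they escape this heuristic.
    with path.open("rb") as f:
        return entropy(f.read(sample)) > ENTROPY_LIMIT

def turned_ratio(source: Path, previous: Path) -> float:
    """Share of files readable in the last snapshot that are now missing or look encrypted."""
    known = turned = 0
    for old in previous.rglob("*"):
        if old.is_file() and not high_entropy(old):  # skip zip/jpg-like files
            new = source / old.relative_to(previous)
            known += 1
            # Ransomware often renames files, so a vanished file counts too.
            turned += (not new.is_file()) or high_entropy(new)
    return turned / known if known else 0.0

def snapshot(source: Path, backup_root: Path, day: date) -> Optional[Path]:
    """Write a new dated snapshot; return None and touch nothing if source looks encrypted."""
    backup_root.mkdir(parents=True, exist_ok=True)
    snaps = sorted(d for d in backup_root.iterdir() if d.is_dir())
    if snaps and turned_ratio(source, snaps[-1]) > MAX_TURNED:
        return None  # every earlier snapshot stays intact; alert a person instead
    dest = backup_root / day.isoformat()
    shutil.copytree(source, dest)  # raises if today's snapshot already exists
    for old in (snaps + [dest])[:-KEEP]:
        shutil.rmtree(old)  # prune only after the new copy succeeded
    return dest
```

The check only helps if the snapshot folder sits on a drive or account the infected computer cannot write to; otherwise the snapshots themselves can be encrypted.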

Second, review your insurance coverage before a loss happens. Electronic vandalism insurance is a relatively new product, and many variations exist. Businesses should work carefully with their brokers to get appropriate coverage. Policies can come with inadequate policy limits or exclude risks you intended to insure against. For example, a $10,000 policy limit may be inadequate to cover the ransom demand, loss of income, forensic computer experts, and employee overtime. In sum, employers should proactively assess their vulnerabilities and risk tolerance, and get appropriate insurance coverage to meet their needs.

Finally, even if a ransomware virus infects your computer, you can mitigate the damage by taking immediate action. Upon discovering the virus, unplug external hard drives and remove the infected computer from the network. This could stop the virus from encrypting other hard drive files or from spreading to other computers on the network. Next, contact a computer expert who can take additional steps to mitigate the interruption.

As Benjamin Franklin once said, “An ounce of prevention equals a pound of a cure.” Ransomware can be disruptive and expensive, making it important to take proactive steps today that will reduce your risk tomorrow.


Kevin Galezewski

Kevin is an occasional guest columnist for C&R’s Dear David column

Kevin Galezewski, AIC, is a senior consultant at Advocate Claim Service where he applies his expertise from more than a decade in the property and casualty insurance industry. Kevin previously served as a subrogation professional, arbiter, and electronic vandalism lead. Currently, Kevin attends Marquette University Law School and is an active member of the Alternative Dispute Resolution and Real Estate Law Societies.

Advocate Claim Service takes the anxiety out of claims. We are licensed insurance professionals with significant insurance claims experience across a wide array of coverage lines who can bring clarity to any insurance program. We also conduct proactive insurance program diligence reviews.

Want to have your question, comment, or concern addressed in an article or arrange a private conversation? Send inquiries to:
