NUMBERS TO SHARE WITH CLIENTS ABOUT RANSOMWARE ATTACKS
Pandemic-related at-home work continues to fuel vulnerability to ransomware attacks
By Michael Wayne
Earlier this year, Colonial Pipeline was hit with a ransomware cyberattack that forced it to shut down gasoline and jet fuel supplies for 11 days, primarily affecting parts of the Southeastern United States. To alleviate the potential damage, Colonial Pipeline ponied up $4.4 million in payment very early on. In fact, they paid the ransom just a few hours after being apprised of the attack for a software application to fix things.
Unfortunately, once word got out of the attack, gas hoarding began in earnest. The panic even included what turned out to be false reports of consumers filling up plastic bags at the pump to ensure they would not go without. In one widely spread video on social media, a woman was filmed at a Kroger doing just that. While the instance was indeed real, it had been shot prior to the shutdown … in 2019, as it turned out.
Owing to the Colonial Pipeline attack, the nation’s leading pipeline companies will now have mandated cybersecurity regulations. The Biden administration announced this change in late May. Previously, the pipelines operated under voluntary guidelines. Unfortunately, pipelines are not the only target upon which hackers have their sights set.
[R]ansomware attacks have increased I48% since the beginning of the pandemic.
Much closer to home and the insurance industry, Bloomberg recently reported that CNA Financial Corp. paid a $40 million ransom in March to regain control of its systems after a hacker infiltration. CNA had declined to comment as of this writing, but supposedly the perpetrators’ initial ransom ask was $60 million. CNA ignored that demand, but it didn’t take it long to enter into negotiations to have its systems released from the grip of someone else’s control.
According to Marsh LLC, ransom-ware attacks increased 148% during the pandemic. In Q4 2020, the average ransom demand was $154,108. Comparatively speaking, that’s not high and was actually down 34% from Q3. An average of 4,000 ransomware attacks have occurred daily since the start of 2016. That is a strong indication, one that is absolutely true, that many attacks are the result of low hanging fruit (i.e., vulnerable organizations that aren’t even doing the bare minimum to protect themselves, including educating their employees about risks).
One would think that with the uptick in attacks and the reporting of them, including news affiliates now being attacked, consumers would be more proactive about protecting themselves.
Here are five important numbers to share with clients about ransomware attacks that, hopefully, will make them more inclined to consider adding cyber coverage or improving what they already have:
$20 billion. Experts calculate that by the end of 2021, this is how much will be spent in global ransomware recovery costs. As is becoming increasingly obvious, no organization is entirely immune to ransomware attacks. Leaving yourself highly vulnerable and not taking precautions simply moves you closer to the “most likely to be hit” category.
21 days. This is the average number of days of downtime that ransomware victims suffered in the fourth quarter of 2020—three weeks. Many organizations were under stress in 2020 from government-imposed lockdowns. As if that wasn’t painful enough, imagine adding to it the distress of not just losing money but having to come up with money to resume normal business operations.
90 seconds. A minute-and-a-half is all the time it takes for a new remote desktop protocol, or RDP, port to be found after first going online. Working from home and having access to everything is great and has been game-changing in the business world. Unfortunately, it is also one of the top three ways for ransomware attacks to take place.
4.7 million. There are nearly 5 million misconfigured remote desk-top protocol (RDP) ports waiting for eager hackers to infiltrate them. This is one of those instances where organizations—and there are plenty of them—are just inviting the worst to happen because they have failed to properly instruct remote workers or follow up after providing what they thought were adequate instructions. Simply stated, this is another instance of basic security measures not being taken—measures that could prevent lots of unnecessary heartache.
1 in 3,000. In 2020, it is estimated, 306.4 billion emails were sent and received daily. That translates to more that 111.8 trillion emails in a year. Of those, for every 3,000 emails, one contained malware. In other words, in 2020, more than 37.3 billion emails that were sent were malware phishing attempts. Not everyone is savvy enough to identify all of them and avoid clicking something detrimental.
Note: This article is adapted from one that initially appeared in the Rough Notes monthly “Top Q&A for Agents” electronic newsletter and blog. To subscribe to it or other newsletters, visit bit.ly/RN-NL.
The author
Michael Wayne is a freelance insurance writer.