Bhishma Maheswari
First, let us all admit this. Cyber criminals are smart. They are innovative and persistent. They use the cyber tools to target many vulnerable targets. The WannaCry ransomware is the latest.
The WannaCry virus has affected thousands of computer endpoints in many countries. The number and severity estimates vary as of now, and it is difficult to pinpoint an exact monetary value to it. Anecdotal evidence suggests that the ransom demanded is USD 300 to be paid in bitcoins. Another interesting fact is that the value of bitcoins has surged in the past few days.
So which company or organisation can be targeted next? Nobody can foresee the future, but all business organisation have something of value. And as such every company is vulnerable.
More vulnerable are physical assets, such as grids, dams, telecommunication networks, and transport systems. Among industries, manufacturing, power utilities, financial services, healthcare, retail, and education were identified as possible targets by the Marsh & McLennan group of companies’ Cyber Handbook 2016.
Decoding: WannaCry Ransomware – Should You Worry?
In the WannaCry cyberattack, although the ransomware appears small, for a company the major loss by all indications would be from the business disruption and consequent losses. Such losses can sometimes add up to billions. In addition, there is the irreparable damage to brand and reputation.
There is also the immediate loss to the affected company in terms of the ransom it pays to unlock the infected system/systems.
Potential Impact in India: In India, the risk of companies falling prey to ransomware are rising, as the majority of companies and individuals are not using the latest technical tools and machines.
Among sectors, manufacturing, healthcare, pharmaceutical, energy, and utility are likely to be affected. Companies that have valuable intellectual property and customer data are particularly vulnerable.
In a study conducted by KPMG among 250 CIOs, CISOs, CAEs, CROs, and COOs in 2015 and published as the Cyber Crime Survey Report, almost 74 percent said they have no detailed cyber risk assessment and 78 percent said they have no cyber incident response plan.
These professionals were assessing their own companies. Risk that arises from vendors, third parties, and other suppliers were not considered. However, in an interconnected age of technology, automation, and supplier networks, malware and cyber viruses can strike from any source.
How we can risk-proof our organizations
By all indications, most Indian companies tend to be reactive, rather than proactive when it comes to cyber security. Given the increasing frequency and severity, companies may need to assess and craft a strategy to deal with such attacks in the future.
Another interesting but unknown fact is that cyber criminals, who are varied and widely dispersed, sometimes attack an organisation not because they are looking to steal data or monetise an attack, but simply because they are not happy with a company or the way they are doing their business.
Credit agencies worldwide are also taking notice of cybercrimes and are beginning to assess the overall cyber risk of companies and the impact it has on the risk of credit default, according to the Cyber Handbook 2016 of the Marsh & McLennan group of companies.
Cyber risk and insurance
In the cyber world, data breaches and distributed denial of service (DDoS) attacks are most likely to capture headlines, but it is cyber extortion and ransomware that is one of the fastest growing cybercrimes.
The cyber insurance policy would help organisations in such an event and will cover following expenses/losses:
- Ransom demand: Applicable to large organisations with multiple demands of ransom pay.
- Restoration cost of data: Cost of recovering the data if the encrypted data is lost or not recoverable.
- Business interruption (BI): Loss of income or extra expenses incurred while the infection is being remedified.
- Regulatory fines and penalties: Fines and penalties levied by a data regulator for a data breach.
While the world is pretty much in clean-up mode and companies are assessing what the total damage will be, there are lessons for all of us. IT security companies and professionals have for long emphasised the following safeguards:
-Keep operating systems updated
-Use patches in a timely manner
-Build up a robust backup strategy
-Lock down machines
-Don't click on suspicious email or attachments
-Restrict access to network resources (ransomware can only encrypt what it can access or what machines it can propagate to can access)
- Should not depend entirely on traditional anti-virus for cyber safety of the company
The writer is Vice President and Cyber Leader, FINPRO practice, Marsh India Insurance Brokers.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
