The shutdown in May of one of the largest oil pipelines in the United States, followed by reports of CNA Financial Corporation paying $40 million to regain control of its network and attacks on the world’s leading meat supplier, has drawn focus to the vulnerability of business systems in every industry. With the volume of financial data involved in the administration of insurance, it's important for every MGA and vendor to have systems in place to protect against attacks.
Any business that deals with data – and the insurance industry handles a considerable amount – is ripe for attack by cyber criminals. Ransomware attacks occur when an outside force hacks a company’s computer network and prevents users from accessing the system. The hackers demand payment, or a ransom, in exchange for restoring access to and control of the data.
The increase in people working from home due to the pandemic has expanded the number of entry points to company systems, exposing companies to more risk of attack. A common point of entry is through a malicious email with an attachment that, when opened, kicks off the malware. Another name for this is phishing spam. The email can seem ordinary, even appearing as though it is from a person or business the user trusts.
Once the attachment is opened, any number of malware types can be activated:
- Scareware – A pop-up message claims the computer is infected, requiring a fee for tech support.
- Doxware – Threatens to publish your stolen information unless a ransom is paid.
- Screen lockers – The entire screen locks up and displays an official-looking message from the FBI or other government entity, claiming illegal activity has been detected on the computer.
- Encrypting ransomware – Causing the most damage, this malware grabs your files and encrypts them, demanding payment to decrypt them. Even with payment, your files may not be returned and may have already been compromised.
Recent surveys suggest that small to mid-size businesses and local governments are more susceptible to attack. Key targets include:
- Companies that are perceived to have smaller security teams, for example, universities.
- Companies/organizations that can and will pay quickly, such as government agencies and banks.
- Firms with sensitive data, such as law firms and hospitals.
- Businesses in western markets with the ability to pay ransom.
Law enforcement advises against paying the ransom, as payment encourages hackers to create more ransomware. However, a June 2021 report by Corporate Compliance Insights notes that not only are ransomware attacks on the rise, but 57% of organizations would consider paying the ransom.
The best way to protect against ransomware is to prevent it from happening in the first place. A good place to start is to implement best practices for cyber hygiene. Below are some tips from the tech team at MGA Systems, followed by the number one thing you can do to protect your business from ransomware:
- Ensure routers and firewalls are installed and properly configured, so that all computer networks are physically segmented.
- Review and regularly monitor the lists of both authorized and unauthorized users.
- Enforce compartmentalized ("need to know") user permissions for authorized users.
- Ensure that all anti-virus (AV), spyware, and other anti-malware protection software is properly installed and configured on all computers, especially when employees are using their own devices.
- Keep software updated – make sure all Operating Systems (OS), application software, web browsers and firmware are updated with the latest security patches.
- Enforce strong password rules and 2-Factor/Multi-Factor Authentication procedures. Use password management applications if necessary.
The number one thing you can do to protect your business from ransomware and other malware attacks is to train your users. End users are often the weakest link. Train your employees to watch for suspicious emails, verify that they know the sender, and not to open any unexpected attachment, whether a PDF, Word doc, video or link.
As part of the insurance community, securing customer data and financial information is likely a top priority. You should also take an additional step to verify that all your third-party vendors have plans in place to secure their systems.
Following the guidelines laid out in the New York State Department of Financial Services (NYDFS) cyber security requirements, MGA Systems has a robust cyber security program to protect the confidentiality, availability and integrity of its data and its customers’ data.
We value the relationships we build with our customers and believe a strong security program fosters trust. If you have any questions about our Cyber Security or Business Continuity policies and programs, please give us a call at (877) 790‑1114 or contact us here and ask to speak with our security project manager.