Cyber attacks have no boundaries and are truly a global issue. All too often ransomware can be avoided with the right IT security and risk management procedures.
1. Initial compromise of your environment
- Microsoft RDP and Remote Desktop Gateway (RDG) can be used to provide remote access to computers and networks.
- RDP/RDG attacks are an attractive and common way for hackers to access systems and steal valuable information from devices and networks.
- A criminal group targets your organization with a phishing campaign.
- Malware is successfully delivered to one of your un-suspecting users via a malicious attachment or web link in an email.
2. Malware is installed
- The user opens the attachment and malware is unknowingly installed on the user’s PC.
- Unbeknownst to the user, and your security and IT teams, the attackers now have a foothold in your environment.
- Using this foothold, the hackers explore your network (still undetected) looking for vulnerable systems and sensitive data. This includes other users’ PCs but also servers supporting critical applications and file stores.
3. Ransomware is deployed
- The criminal group has achieved the access they need and are ready to spring their trap.
- They deploy a strain of ransomware which spreads across your network encrypting indiscriminately.
- The attackers have now encrypted a material portion of your estate and parts of your business are completely disrupted while other parts are partially disrupted.
- The attackers demand $x million for the decryption key.
- The attack also becomes public knowledge which causes reputational damage.
- The regulator also wants to understand if there has been a mishandling of customer sensitive data – there is a risk of a significant fine.
Beazley's suite of cyber services
Remote Access Security
- Beazley’s 360º approach to ransomware protection
- Ransomware: Best Practices for Prevention and Response
- Lodestone series on how to stop ransomware
- Understanding business interruption claims webinar
- On-demand webinars on the latest ransomware trends, BCP, and effective backups
- CtrlAltBreach Ransomware podcast series
- Access to a diverse network of expert vendors with vast experience in these types of cyber incidents, including ransom negotiators, crypto-currency facilitators, data recovery specialists and other technical experts
- Pre-agreed rates with expert vendors to save on any engagement issues a policyholder would otherwise face
- A dedicated claims manager so that there is a single point of contact for policyholders
- Interim payments wherever possible
- Online cyber business interruption guide