How to prevent a cyber-attack
19 May 2017
By Shadforth Financial Group
Last Friday, a large scale WannaCrypt/WannaCry ransomware cyber-attack infected over 200,000 computers in 150 countries.1
Ransomware is a form of malware (malicious computer software) that locks your private data and demands a financial ransom for its release.
What was the impact?
Among the targets were corporate bodies and public institutions. Larger groups impacted included:
- The UK’s National Health Service (NHS).2 Patient appointments had to be cancelled, effectively crippling operations.
- Car manufacturer Renault3, who allegedly halted production activities at several sites in an attempt to halt the spread of the computer virus.
The actual economic cost to organisations and individuals effected by the attack is not yet known, but is expected to be considerable.
Could it have been prevented or mitigated?
Yes. The attack was entirely preventable.
All reported instances of a compromise were initiated using a simple ‘phishing’ email link, which initiated the download of the malicious code when clicked, then ran and infected the system.
The attack was targeted to exploit the vulnerabilities of operating systems (eg Windows XP) that had not been updated with the latest cyber protection programs.4
Ransomware attacks are covered by high quality cyber protection policies, which would have covered the financial costs of an attack.
How to protect your organisation
Vulnerabilities in software are constantly being identified. It’s important to stay informed about cyber protection.
Keeping your software and operating system up to date is one of the main ways to mitigate cyber risk. When combined with application whitelisting and restricting administration access, it can prevent around 85 per cent of cyber-attacks.
Remember that cyber risk is a board level issue – if your board is not proactive on their business’ cyber risk they could be held liable.
How we can help
We help businesses and corporations in Australia understand the impact of cyber-attacks on their organisations and select appropriate mechanisms to mitigate the financial risks associated with cyber-attacks.
Contact us to arrange a confidential discussion about your business’ cyber-protection strategy.
General insurance services are provided by Shadforth Insurers Brokers Pty Ltd ABN 11 009 248 837, AFSL 238152
2 Daily Mirror. Retrieved 13 May 2017. http://www.mirror.co.uk/news/world-news/ransomware-cyber-attack-crippled-nhs-10419116
3 Rosemain, Mathieu; Le Guernigou, Yann; Davey, James (13 May 2017). "Renault stops production at several plants after ransomware cyber attack as Nissan also hacked".