Philadelphia Insurance Companies Logo
Loginor create an account

Guest Bill Pay

Please note that paying by credit card will incur a fee in all states except CT, RI and MA. Allow 48 hours for your payment to post.
Payment method
Start typing in your search to see relevant search terms below

Ransomware

We expect to see some wicked creatures during the month of October. But what about the ones you don't see coming online?

Risk ManagementEvan Fenaroli
Philadelphia Insurance Companies LinkedIn PagePhiladelphia Insurance Companies YouTube PagePhiladelphia Insurance Companies Twitter PagePhiladelphia Insurance Companies Instagram PagePhiladelphia Insurance Companies Facebook Page
Internet Ransom sign

We expect to see some wicked creatures during the month of October. But what about the ones you don't see coming online? October is National Cyber Security Awareness Month. It was created by the National Cyber Security Alliance & the U.S. Department of Homeland Security in 2004. One of the most pressing cyber threats to all businesses and organizations is ransomware. Making headlines worldwide in 2017, attacks such as WannaCry and Petya have claimed healthcare systems, financial institutions, pharmaceutical companies, and logistics firms as some of their many victims. Ransomware is simply a type of malware (malicious software) which encrypts critical data and applications, rendering an organization's computer system completely unusable and bringing operations to a standstill. The financial impact can be substantial for large companies, but even more devastating for small businesses and non-profits - which are often the most vulnerable to begin with.

Most commonly transmitted through malicious emails or by directly exploiting vulnerabilities in applications and operating systems, most variants of the malware can quickly spread throughout a corporate network, making them difficult to contain. The attack motivations are usually monetary or political, with the growing proliferation of "ransomware-as-a-service" making hacking kits readily available to amateur criminals anywhere. Extortion demands can range from several hundred dollars to tens of thousands of dollars and payment is often requested in cryptocurrency (such as bitcoin) as a way to mask the identity of the perpetrators. Companies often feel they have little choice but to pay the ransom, obtain the decryption key, and hope to quickly restore access to their files.

Fortunately, there are a few basic steps that all organizations can take to plan for and mitigate the risk and impact of ransomware:

1) Plan Ahead

Working with their internal IT teams or outsourced service providers, companies should develop a process to regularly back up critical data and test the backup recovery process to minimize downtime in the event of a disruptive cyberattack. Putting together an incident response plan that contemplates ransomware is also an effective risk management strategy.

2) Patch and Update

Because ransomware and other types of malware often exploit known vulnerabilities in commonly used software and operating systems, it is crucial to use current and supported versions of these applications, and regularly apply the latest security patches to ensure they are protected.

3) Respond Quickly

Cyber insurance policyholders should contact their carrier as soon as ransomware is discovered. PHLY works with the country's top attorneys and forensic experts to contain threats and restore access to critical systems as quickly as possible.

Additional Resources
All PHLY Cyber policyholders receive complimentary access to the eRiskHub, our online cyber risk management portal. Access information can be found in your policy, or by contacting your agent or broker.

Written by Evan Fenaroli, Product Manager at Philadelphia Insurance Companies

IMPORTANT NOTICE - The information and suggestions presented by Philadelphia Indemnity Insurance Company are for your consideration in your loss prevention efforts. They are not intended to be complete or definitive in identifying all hazards associated with your business, preventing workplace accidents, or complying with any safety related, or other, laws or regulations. You are encouraged to alter them to fit the specific hazards of your business and to have your legal counsel review all of your plans and company policies.

Related Blogs

Read More PHLY Blogs
Risk Management

Winter Weather Preparedness: 5 Essential Tips to Protect Your Fleet, Property, and People

Winter storms can bring costly risks to businesses, from slips and falls to burst pipes and stranded vehicles. This guide shares five essential tips for winter weather preparedness to help organizations safeguard people, property, and operations.

Risk Management

PHLYSENSE Saves the Day

Property Monitoring Sensor Prevents $100,000 Flood at a Virginia school.

Risk Management

How to Create a Business Continuity Plan

From natural disasters to data breaches, risks for businesses of all sizes are on the upswing

Risk Management

Slip and Fall Prevention

Slips, trips, and falls (STFs) have been a staple in comedy for centuries, from Charlie Chaplin slipping on a discarded banana peel to YouTube clips of people tripping over their own feet. However, the sobering reality remains that STFs accounted for almost 7 million non-fatal injuries and 42,000 deaths in 2020.

Product

Facilities Risk Management: What Non-Profits Need to Know

Whether it's their property, a building they rent, or a home office, all non-profits have facilities they must manage.