Wannacry ransomeware spotlights broker opportunity

WannaCry ransomware attack highlights the important role of brokers and insurers in mitigating cyber attacks says Gallagher Bassett claims expert John Deane.

Over the past week organisations around the world fell victim to the WannaCry ransomware attacks, the largest of their kind to-date with more than 200,000 computers in 150 countries affected.

Demand for cyber insurance is expected to grow in the wake of the wide-scale attacks and, according to John Deane, Partnership Manager at third party claims specialists Gallagher Bassett, the incident has highlighted the important opportunity for brokers and insurers to help clients manage cyber risk during wide-scale attacks.

Although WannaCry has been the largest ransomware attack to date, experts predict that the frequency and severity of this type of attack will continue to escalate.

“Watching news of the attacks spread was comparable to a natural catastrophic event. As news broke, we saw many organisations turning to their brokers and insurers to keep them up to date on the latest developments and provide advice on how to respond,” says Deane.

“With the rapid growth of cyber insurance, which is expected to increase in the wake of the WannaCry attacks, brokers are increasingly being relied on for advice on preventing cyber attacks, and guidance when incidents occur.”

Ransomware is a term that describes a type of malicious software that uses advanced encryption to block access to data on a computer, and then demands money to restore access (hence ‘ransom’).

WannaCry, for example, searches a computer for 176 different file types and encrypts them. A pop up then appears, asking users to pay a ransom of US$300 in bitcoins to unlock their files. The note indicates that if payment is not made within seven days, the encrypted files will be deleted.

Although WannaCry spread more rapidly than previous attacks, the types of vulnerability it exploited are not new, and would be protected against by a robust corporate security program.

“Like with any type of insurable incident, brokers and insurers play an important role in educating their clients about how to guard against cyber attacks”, said Deane.

“At a minimum, every company should have strong perimeter firewalls, a reliable email filter, schedule regular updates and patching and regularly backup critical data in a manner that’s isolated from the rest of their network”.

According to Deane another way brokers and insurers can support clients is by helping them to educate their workforces about safe internet usage.

“The most vulnerable point in any network is its human users. While you can install firewalls, filters and anti-virus software on every other component of your network, education about online safety is the only way to make the human element of your network secure,” Deane advised.

“The most effective thing organisations can do is create a security culture, where staff understand the threat, can spot the danger signs and know to report anything that looks suspicious.”

GB was recently awarded ISO27001 certification for its outstanding information security practices for the fourth consecutive year, and works closely with insurers, brokers and underwriters to provide comprehensive claims management services for all classes of insurance, including cyber. Here’s an infographic poster you can use which provides some useful tips for staff on secure internet usage.