By Tim Kolacz
Over the past few months we have been discussing how Cyber Liability works and what coverages you should be looking at when contemplating buying the coverage. We have also discussed that it wasn’t a matter of if you could be attacked; it was a matter of when. This past weekend was “when” for a lot of the world.
Several factors occurred this weekend and the way it all went down was somewhat fascinating in that it had all the makings of a spy movie. The NSA gets hacked and a super virus is stolen. It then gets modified and spreads through a hole in the code of an outdated operating system that hasn’t been updated in over a year. The creators of the virus ask to be paid in untraceable currencies. Pretty crazy stuff.
Here’s where it gets really interesting though. The computers infected were all running older versions of the most popular operating system on the planet. Windows XP and the like were targeted specifically because the code has not been getting software updates for a long time. (Mind you, a long time in computer code can also be classified as about 3 weeks. In this case, it has been much, much longer.) Almost immediately after the attacks, there comes a software update to fix the hole. Interesting… Also, the main computers infected were all over the world, including Asia and Europe. However, the United States was not particularly infected.
Well, for one, the US is typically very good about upgrading their systems to the most recent operating systems and software updates. About once a week, my computer gets a software update from Microsoft, Adobe, and a multitude of other software that I run. Additionally, when a new operating system comes out, I normally update to it after about 6 months or so. By and large, the rest of the US follows suit with me. Clearly, a lot of the rest of the world doesn’t. Also, because of how the virus spread, the US was able to react to the virus, update our systems, and keep the virus out.
Another item that continues to cross my mind is the amount that the hackers were wanting as payment for releasing the encrypted files. They only wanted about $300. As far as ransomware goes, this is really inexpensive. But the point was clear, the targets were those computers running old software and targeting those people would more than likely result in quick payments. So their goal was to get frequent payments, not severity payments. Better to get a bunch of small ones than try to rely on one huge one in this case. Even with the amount being small, per USA Today, there has been about $70,000 in payments made to release people’s specific data.
So, could all of this have been covered by insurance? Yes. Do most of these people have the insurance in place to pay for their downtime? If they are still running Windows XP, more than likely they are not buying Cyber coverage. Here’s a link that will help your company, especially C-level employees take care of your company: Cyber Risk Lessons for Boards and Officers.
Tim Kolacz works for HUB International and is here to make sure that you don’t wanna cry after a cyber attack. [email protected] 951-779-8730 direct line