- SMEs are the target of a ransomware attack due to their greater vulnerability, and the number of them taking out a policy against this eventuality is growing.
- Paying a ransomware extortion can incur other types of crimes such as membership of an armed terrorist group.
- Since payments are made with cryptocurrencies or bitcoins, it is practically impossible to trace these forms of payment, leaving cyber-gangs unpunished.
SOLUTEL, a certified Cisco partner with Advanced Security Architecture specialization and several deployments in AWS, held the first round table on Cybersecurity and Insurance Companies on July 7 to highlight the difficult situation that all companies in the world are facing due to the increasingly frequent ransomware attacks. The event was attended by Silvia Sepúlveda, Director of Financial Lines at Assiteca Broker Internacional de Seguros, S.A.; Alejandro Padín, a lawyer specializing in insurance law at J&A Garrigues, S.L.P; Antonio Sempere, IT Director at SOLUTEL; and Leocadio Ortega, Director of Technology and Projects at Unión Alcoyana, Sociedad Anónima de Seguros y Reaseguros.
In the following video, you can view the virtual round table held on July 7:
We have recently observed a proliferation of ransomware attacks.
What are ransomware attacks?
These are a malicious technology by which, remotely, cyber gangs take over companies’ technological systems, preventing access to them and, therefore, not allowing them to develop their industrial activity, with the loss of profits that this entails; apart from other considerations such as the reputational crisis that a company that has been attacked incurs.
Antonio Sempere, IT Director at SOLUTEL, has pointed out that the main common vector in all current cyberattacks is social engineering, “that someone wants to impersonate another by sending an email requesting information – when it has never been done – or by slightly modifying a name or surname in an email should set off all the alarms. Therefore, the awareness and training in the face of this type of threat is crucial to prevent us from being infected by malware, a Trojan or ransomware,” Sempere points out, advocating for education on the part of society to avoid falling into this type of fraud.
Sempere explained that ransomware, beyond malware, is a code that is prepared to hijack, encrypt equipment and also ask its owners for a ransom. “Ransomware has been designed to obtain an economic benefit,” says Sempere.
Precautions against ransomware attacks: cyberattack policies
As cases of cybercrime caused by ransomware attacks increase, more and more companies – especially among SMEs – are opting to take out a policy that covers the possible damage caused by this malicious code. In addition, some policies cover – depending on what is contracted – amounts in respect of the days that the company’s activity has been completely stopped due to a ransomware attack.
For contracting this type of policy, Leocadio Ortega points out that “it is completely necessary for the client to demonstrate – and for this purpose exhaustive audits are carried out – that they have anti-intrusion systems (antivirus, firewall, etc.) properly updated”. Ortega – also – points out that “ransomware attacks are not only aimed at large accounts, with SMEs being the main target of cyber gangs, demanding more modest amounts”.
Silvia Sepúlveda comments that 7 out of 10 policies related to computer crimes are due to ransomware, which gives an idea of the magnitude of the speed with which this type of attack is spreading. Sepúlveda explains that many times customers choose not to pay the extortion and it is then that all the services of the policy are lifted, including the loss of profits for having the activity stopped.
Both Unión Alcoyana and Assiteca recommend – first of all – to file the corresponding report of the attack suffered with the relevant authorities and initiate the procedures to activate the policy.
Pay or not pay in the face of ransomware
Alejandro Padín, a lawyer specializing in insurance law at the Garrigues law firm, explains very clearly that “as a firm we recommend not paying in the event of a ransomware attack because, by doing so, the attacked company could face a crime of money laundering or – even worse –collaboration with an armed gang”.
Padín also emphasizes that “the help that Garrigues provides in the event of a ransomware attack is aimed at what to do to comply with the law, such as reporting the attack to the relevant authorities and state security forces; notifying the CNMV in the event of being a listed company, etc.; in short, avoiding increasing the legal risk in which said attacked company may be left.”
On the other hand, Padín explains that “although the amounts that are leaked to the media are established in dollars or euros, in reality the means of payment is made through cryptocurrencies or bitcoins, making it extremely difficult to follow the route of these amounts; which makes it practically impossible to stop the criminal authors; although it is true that most cybercriminals are open to negotiations and where they started by asking for 50 million euros they can close the agreement by charging only 1 million”.
Finally, Padín clarifies that a company that is being extorted is dealing with criminal gangs and that it is difficult, or impossible, to guarantee that they will comply with what was agreed (deliver all the information and access to the systems), once the payment has been made.
How to avoid attacks by ransomware viruses
Let us remember that in order to take out an insurance policy, companies need to follow certain cybersecurity measures to prevent cyberattacks, which include implementing anti-ransomware tools.
At Solutel, we are experts in cybersecurity. We provide the necessary tools and recommendations against ransomware attacks, and other cyber threats
Solutel recommends the following minimum solutions to implement in any company:
We recommend Solutel Security Pack as the minimum protection that any company should have.
With the Active Surveillance Service included, you will have the peace of mind that your security products are monitored to ensure they are working properly.
Two-Factor Authentication + Antivirus + DNS Layer Protection + Active Surveillance Service
From 10,50 eur per month/user
About SOLUTEL
SOLUTEL, a certified Cisco partner with Advanced Security Architecture | Advanced Collaboration Architecture specializations, as well as several deployments in AWS, with more than 24 years of experience in the implementation of technological solutions, allows users to increase their productivity, improving their communication capabilities as well as access to information in a 100% secure manner. SOLUTEL offers SMEs support services, unified network design, secure Wi-Fi and complete video conferencing systems.
www.solutel.com
