First Come Cyberattacks, Then Come Business Losses

Any business that is at the receiving end of a cyberattack will have its fill of distractions to stem the course of the attack while recovering lost or frozen data and mollifying customers whose personal information might have been compromised. Many targeted businesses, however, subsequently discover that a cyberattack and its consequences are only the beginning of their problems.

Consider, for example, the potential aftermath of a successful distributed denial-of-service (DDoS) attack. These attacks occur when a malicious program called a "botnet" generates tens or hundreds of thousands of simultaneous data calls on a business's web server, effectively overwhelming and shutting that server down. The affected business might think its problems are over when it enables a patch to block the botnet calls, but then it discovers that several of its customers are switching to alternate service providers due to concerns over the business's weak security that exposed it to the DDoS attack, or because they need better assurances that server access will not be interrupted.

A successful ransomware attack can lead to even greater business losses. A common pathway for malware to be introduced into a business's system is when an employee inadvertently clicks on a link attached to an email from an unknown source. Within minutes, the business will lose access to critical data and systems, all of which will be frozen until the business pays a specified amount of ransom to into an anonymous account. Failure to pay the ransom can result in the destruction and loss of critical data. Even if the business maintained backups, the productivity and downtime costs of restoring data and systems can cripple any business and lead to further business losses when regular operations cannot be conducted.

The cyberattack that exposed the personal information that had been held by the adult entertainment/infidelity website, Ashley Madison, shows the potential for extreme business losses that can result from a successful attack. Prior to the attach, Ashley Madison's parent company had been positioning itself for an initial public offering that was intended to raise up to $200 million on the public markets. The negative publicity that the company experienced following the attack ended all hopes that it might have had to raise money in the public capital markets.

Given the potential for continuing business losses after a cyberattack, all companies should institute a robust protocol to minimize the risk of an attack and to facilitate an easier recovery with minimal losses once the attack is contained. Cybersecurity experts recommend a few techniques to accomplish this, including:

  • Imposing higher-level password protection, including dual-entry authentication for access to a company's internal systems. Employees should also be instructed to use different passwords for each site they might access. Virtual password safes, such as Keepass, can be used to help employees store and manage multiple different passwords.
  • Using encrypted messenger apps, such as WhatsApp, that allow employees to send messages to each other with end-to-end encryption.
  • If a company-owned device is lost or stolen, the data and information on that device can be deleted with a remote wipe application.
  • At a lower-tech level webcams on computers and mobile devices can be blocked or covered with Post-It notes or tape to prevent hackers from spying on operations via webcams that they may be able to co-opt.

The goal of all of these methodologies is to erect higher barriers to prevent hackers from gaining access to a business's networks and to avoid business losses that flow from a successful attack. Realizing that it is virtually impossible to stop every cyberattack, the last backstop strategy that a business can implement is to procure cyber security insurance that will reimburse a business for its direct losses and provide a pool of funds to pay any third-party liabilities or fines that may be levied when a business loses its customers' personal information. Cyber security insurance will free up other resources that a business can then marshal to prevent customer defections and to replace lost or damaged data and systems.

© 2016-2020 CyberPolicy, Inc. All rights reserved. CyberPolicy®, "Plan. Prevent. Insure."™, and "CyberCheckup"™ are trademarks of CyberPolicy, Inc.
DBA: CyberPolicy Insurance Solutions CA License No. 0L13180
DBA: CoverHound Insurance Solutions CA License No. 0H52375