Five of the biggest ransomware attacks this year were on municipalities. Here are a few:
- San Miguel County, NM – Suffered from a ransomware attack in January 2020 resulting in $250,000 recovery and mitigation costs.
- Florence, AL – Hackers shut down the city’s email system in June resulting in $291,000 recovery and mitigation costs
- Tillamook County, OR – After a ransomware attack in January 2020, this county lost its server, internal computer systems, website, phone systems, and email resulting in $300,000 recovery and mitigation costs
In 2020, 44% of global cyberattacks were on municipalities! These attacks result in data being lost, ransomed, or stolen – not to mention the loss of email, telephone systems, and websites, as well!
If you’re a municipality, you are a target!
Many municipalities rely on cyber insurance for protection in the case of a cyber attack. But even with this in place, your municipality needs to take other defense measures.
One of my areas of insurance expertise is working with municipalities. One of my other areas of expertise is in risk management. Putting those skill sets together, I help my clients adopt practices that will help them lessen the likelihood of a cyber insurance claim.
Most of these practices are simple and just require time and commitment. By making them a priority, you can minimize your exposure to a cyber attack.
Let me share with you 3 steps you can take to prepare for a cyber attack.
- Commit to employee training
- Perform daily data backups
- Establish a breach plan
1. Employee Training
Are you confident that your employees can identify a questionable email? Would they be able to recognize a potential cyber threat in their inbox?
Human error is responsible for 90% of cyber breaches.
Most employees don’t intentionally cause cyber breaches; they just don’t know what to look for regarding cybercrime. To prevent attacks, employees need solid training on good cyber safety practices regarding their email and browsing habits.
Training your employees in these areas can prevent them from inadvertently opening the door to a hacker or installing ransomware or malware on their computer.
Cybersecurity companies will offer ongoing training for their customers. Most of this training is done through self-paced online courses.
In addition to this training, these cybersecurity firms will test your employees by sending out phishing simulations. These simulations help you assess if your employees can recognize potential cyber threats.
To adequately prepare your employees, you need to make cybersecurity training mandatory for ALL of your employees. After that initial training, you must require ongoing instruction as well.
2. Data Backup
In general, backing up your company’s data is a good habit. Aside from cyber threats, your business may have a server crash at any time. Restoring data loss can be costly and frustrating!
In terms of cyber risk, security breaches and ransomware attacks can have major impacts on data loss. Making sure you are daily backing up your data can help mitigate damage in the case of a cyber attack.
Ransomware is a form of malware. In a ransomware attack, your files become encrypted and you are asked to pay a sum of money to have those files “unlocked” for you.
The most common way that ransomware receives access to your computer or system is through fake emails.
In this instance, the attacker impersonates a trusted person or business in an email with an attachment. Once the attachment is opened, the ransomware takes over the computer’s files.
To get these files back, you will be asked to pay a large sum of money.
It is estimated that 44% of ransomware attacks in 2020 have been directed at municipalities and government entities. And the average demand of ransomware attackers is about $1,652,666.
For most public entities, paying that high of a ransom to retrieve data would be crippling!
Effectively Backing Up Data
If you find your data encrypted by ransomware, data backup provides an effective way to recover. To backup your data correctly, you need to practice the “3-2-1” data backup approach.
According to Infosecurity Group Magazine, “Cybersecurity professionals often refer to the “3-2-1” data backup approach as a sufficient technique for keeping copies of your data. Backing up your data can give you a false sense of security. For this reason, it is critical to understand the 3-2-1 Backup method fully: Three (recent) copies of your data stored across two different storage mediums/locations and one cloud storage provider.”
If you are thorough and regular in backing up your data, you will be able to more quickly recover from a cyber attack. Your data will still be available for you to use.
3. Breach Plan
The last essential in preparing for a cyber attack is having a breach plan. With the number of attacks on the rise, you must know what to do if it happens to your municipality.
Don’t Handle the Attack on Your Own
When a cyber attack occurs, many organizations start by trying to handle the attack on their own. They engage their own IT firm or try to handle it in house. This is a huge mistake!
If your municipality attempts to handle an attack on your own, you may end up paying expenses that you shouldn’t have to pay.
For instance, I know of a firm that had a data breach that occurred through a phishing scam. Thinking they could manage the attack themselves, they hired a Cyber Forensics IT company to help them resolve their issue.
The company was not able to resolve the problem right away, and the cost of hiring them mounted. Eventually, the firm had to inform their insurance company of the problem.
The insurance company engaged its Cyber Forensics firm and resolved the issue. Unfortunately, the insurance company was not responsible for covering all of the costs associated with the business’s first attempt to solve the problem.
What a costly mistake!
Working with Your Cyber Insurance Company
Instead of handling a cybersecurity issue on your own, you should contact your cyber insurance provider right away. Your insurance provider will have the tools already in place to help you respond to the attack and mitigate the damage.
In the United States, there is a small handful of companies able to handle the cyber forensics needed when an institution is attacked. The best cyber insurance companies employ those cyber forensics teams.
You need to know who to contact if you are breached. Many cyber insurance companies have an 800 number for their clients to call in the event of a cyber attack.
If you don’t have an 800 number at your disposal, contact your cyber insurance company to inquire about what you should do if you are attacked. Your insurance company will lay out the steps you should take in the event of a cyber attack.
In addition to your cyber insurance company being involved, you need to engage a lawyer right away. In general, your cyber insurance company will assign a lawyer to your case.
Often your lawyer will hire the cyber forensics team that will work on your case. In doing so, your lawyer can maintain lawyer/client privilege and have greater control over any information about your case.
Handling what information is made public about your cyber attack is very important. Reputation damage can be minimized by maintaining this control.
Cyber attacks are a huge threat! Do you need help getting these practices in place?
For some municipalities, the thought of getting these practices in place is overwhelming! They recognize the need to take precautions but don’t have a vision for how to begin.
First and foremost, you must begin by purchasing cyber insurance. These policies are very reasonable. For some municipalities, $250,000 in cyber coverage is available for as little as $250 per year.
Every year, I am taken by surprise at the number of public entities I meet with that don’t have this important coverage. In 2019, it was estimated that 30% of local governments were operating without cyber insurance.
Considering the amount and kinds of data these entities have and how inexpensive the product, that estimate never ceases to amaze me!
If you would like to know more about the coverages and costs associated with cyber insurance, you can dig into Cyber Insurance: What It Covers, Cost, and Who Needs It. This article goes into detail about this product and will better inform you before meeting with your insurance agent.
If you already have cyber insurance but you want to implement the 3 steps listed above, our agency can provide guidance on where to start. We would love to engage your municipality in making these precautions a reality.
Even if we don’t write your municipality’s insurance, we can serve as a resource to help you add these defenses against cybercrime. Get in touch with us today!