Cyberattack surge at Northern California companies fuels demand for special insurance
From the start of the COVID-19 pandemic there has been an unprecedented rise in database attacks by criminals using illegal phishing, malware, ransomware and other tactics to extort money from public agencies and business owners of private and public data sources or to get information for sale to others.
With that, costs of “cyber insurance” continues to rise. And that raises the question: Is this coverage worth it to offset the potential cost of enterprise IT damage?
Ask Traditional Medicinals CEO Blair Kellison.
On the last Sunday of September, the tea producer, with offices in Sebastopol and Sonoma Mountain Village, was the victim of a data breach, forcing a shutdown of the company’s computer system but it did not result in lost production.
“We ran for two weeks without a computer and systems were back up in another 2-3 weeks,” said Kellison. “Our Office 365 email system in the cloud was not affected. We had cyber insurance before the breach but still spent upwards of $500,000 for a vendor to come in to repair and restore our system and to also pay for other things we had to do.”
The global average cost of a data breach in 2020 totaled $3.86 million, based on an IBM and Ponemon Report, but the average cost of a U.S. data breach reached an all-time high of $8.64 million. (See Data Box for additional research information)
Data breaches produce a variety of negative consequences, such as reputational harm, regulatory fines and class action law suits, along with state requirements to notify all those included in the stolen files, and other remedial actions costing thousands to implement.
The spike in cyberattacks has led to increased demand for cyber insurance as part of a multi-prong preemptive strategy to stave off and mitigate computer system hacking disasters that includes having an incident response plan.
With more people working remotely since 2020 using personal computers, cell phones and other mobile devices (that may not be secure ways to access company databases at their company’s worksite), opportunities exist for hackers to more easily penetrate networks with an eye toward firms with a considerable amount of sensitive and valuable data.
The cyber threat is not limited to major corporations -- health care centers and medical practices, financial institutions, government institutions and larger retailers are also targeted, along with nonprofits, wineries, the education community and small retail businesses.
The most common form of unauthorized access typically involves phishing scams – the unlawful practice of sending fraudulent emails, log-in credentials, or malware to nonsecure websites disguised as messages from reputable sources. Malicious attachments are also deployed to entice recipients to release personal information, passwords (log-in credentials) or credit card numbers.
Ransomware, the most expensive cyberattack, involves compelling a victim to pay a ransom to regain access to his or her data (unlock the code and unencrypt data) and also to keep that data from being released to the public.
With double ransomware, if the initial ransom is not paid cyber criminals demand higher payments. The victim’s access to databases is often permanently compromised, and stolen data is often encrypted and then sold or traded to other attackers for future extortion attempts and can be leaked online.
The most widely publicized cyberattack in 2021 was made against Colonial Pipeline Company exposing vulnerabilities in U.S. cybersecurity while disrupting thousands of miles of the U.S. fuel supply.
Colonial Pipeline paid a $4.4 million ransom, but later the Department of Justice recovered $2.3 million of the cryptocurrency (bitcoin) amount from this most disruptive U.S. cybercrime on record. Seeing the impact on the national economy, the federal government quickly stepped up efforts to fight this growing concern with a series of initiatives.
On Dec. 11, Kronos Inc., based in Pleasanton in the East Bay, was hit by a ransomware attack leaving customers for its workforce management software platform (the Kronos Private Cloud) without a way to contact its server. Repairs took more than just a few weeks to fully restore the system.
Before Traditional Medicinals September 2021 cyberattack, Kellison said hearing about a vendor’s data breach convinced Traditional Medicinals to get prepared in advance.
“Whether you have less than 50 employees or 500 employees or more, you must plan ahead, be ready and do everything you can to ensure that cyber criminals cannot get into your data. The attack on us was a ransomware attempt – but we paid no stinking ransom.”