Every 14 seconds, ransomware is served, and downtime costs are anywhere on average 5-10 times the price of ransom – keeping the type and reputation of the business.
According to Kivu report, 86% of the ransomware attacks were successfully targeted towards managed service security providers, as smaller organizations share the infrastructure via their IT providers.
This is where supply chain ransomware takes place!
The nature of this targeted attack is to deploy ransomware to all customer networks, and ultimately, to the vendor itself. The aim is to paralyze and push customers to pay the ransom.
We often think that it is only the big companies that are vulnerable to attack but with many classic examples from our recent history, it has been proven that bad actors are looking at vulnerability points, a weak area of access within the supply chain of network.
Larger enterprises typically have a more robust response to cyber events and may not be as vulnerable to the supply chain attacks. The same is not true for service providers. 65% of managed service providers in North America have fewer than 10 full-time employees compared to the companies they service, according to a ‘SolarWinds and The 2112 Group report.’
This is why hackers attack companies through their IT providers. The ransomware is getting sophisticated and growing in numbers daily. Just a dozen of targeted ransomware gives access to thousands of encrypted endpoints. Whether you are an online retailer, doctor, lawyer, or an accounting firm using any of these services to hold your valuable and private information, this supply chain ransomware can turn your computer and backups to paperweight!
Are you covered if your IT service provider is hit by ransomware?
Cybersecurity and cyber insurance as a package play a major role when facing financial turmoil via bad actors taking advantage of technology growth. As customers, you entrust the care of your data to your providers. Get to know them, their practice to secure your data and policies and procedures in place when there’s a vulnerability or exposed to hackers.
Have a Cyber insurance policy that provides coverage for data privacy concerns and network security events. There will be internal costs as you or your provider respond to the attack and you’ll need strong financial support that picks up the tab your behalf and saves you from a catastrophic breakdown of your business.
~
Sharmeen Rehman
BlackFire Cyber Insurance