Determining best practices to prevent a cybersecurity breach from crippling your business should be at the top of your priority list.
Foreign hacking collectives, acting independently in some cases and under the guidance of malicious state sponsorship in others, have successfully infiltrated and paralyzed American businesses on an unprecedentedly massive scale.
What does a hack look like?
Recently, the Colonial Pipeline—responsible for supplying nearly 50% of fuel consumed on the United States’ eastern seaboard—was shut down entirely by hackers who deployed ransomware to lock company administrators out of the pipeline’s operating systems. The underlying cause of the company’s susceptibility? The company failed to implement a more secure (and today, incredibly common) two-factor authentication system for administrators accessing its password-protected network. The result? A $4.4 million ransom paid by Colonial to the hackers, and potentially billions in losses to the American economy.
Colonial is not alone in its major losses due to avoidable problems. Recently, major meatpacking company JBS paid hackers upwards of $11 million worth of cryptocurrency in response to demands after the hackers illegally accessed the firm’s network and threatened to lock out administrators and begin deleting key files unless their demands were met.
These are only two examples of an exponentially growing problem facing businesses and professional entities: malicious actors hacking key systems and holding them hostage for profit. Analysts estimate that roughly $18 billion was paid to such hackers in 2020, a figure expected to increase dramatically each year in the coming decade.
How could this impact me or my business?
This is not a problem faced only by major multinational corporations. The American Bar Association surveyed members and found that, in 2020, 29% of law firms reported a security breach, with more than 1 in 5 saying they were not sure if there had ever been a breach and 36% reporting past malware infections in their systems. Hackers target individuals as well, freezing consumers out of their financial accounts and threatening to liquidate funds unless the victim pays thousands to have control returned. Annual reporting estimates that 300 million ransomware attacks were carried out globally on businesses and individuals alike in 2020, up from 188 million in 2019.
In today’s digital landscape, the question that business owners and professionals must ask themselves is not “Will I be hacked?” but rather “When will I be hacked?” and, perhaps more importantly, “What can I do to prepare?”
The stakes for your company are high, and the potential ramifications include: reputational damage, compromised customer safety, legal and compliance risk, business and supply chain interruptions, data loss (including customer data, employee data, and trade secrets), and extensive costs (legal, forensic, and ransom payment).
Most importantly, preparations can be made and countermeasures can be implemented to mitigate the effects of these attacks against precious digital systems. As with most potential catastrophes, preemptive measures and planning go miles further in warding off hacking efforts than panicked, reactionary measures. Companies and professionals must develop protocols to monitor for, prevent, and, in worst-case scenarios, respond to hacking with the same seriousness that they bring to active shooters, workplace violence, sexual harassment, and other major threats to business operations that have become so prevalent in recent years.
How do I make these preparations?
Considering preventive measures against this serious threat is essential. Security needs will vary from business to business, based on the type and scale of operations the firm is engaged in. However, we highly recommend that these universally applicable protocols be implemented by businesses and professionals in order to begin down the path to a more digitally secure future:
Develop internal policies and procedures
Do you know what steps you need to take if you suspect someone is trying to hack you? Or if you know that a hack has taken place? Do your employees and associates know what to do in the same circumstances? Do you have the proper incident response plan and procedures in place?
The minutes and seconds following a suspected hack are no time for managers to be asking themselves “What now?” A key first step toward preparedness for any enterprise susceptible to hacking is to work with legal counsel, IT professionals, and business personnel to develop a response plan to be followed in the event of a hack or suspected hack, and to practice it routinely with employees so that the entire organization is aware of its duties and emergency responses. Think of it as a digital fire drill: when an alarm goes off, you want a calm, measured response that immediately and effectively begins to address the problem, rather than a panicked frenzy.
A well-selected response team must be engaged to contain and remediate the incident, and to notify the essential external agencies, insurance carriers, and technical assistance providers when an emergency arises. Key members of your incident response team should include legal counsel, information security professionals, human resources staff, risk management experts, finance representatives, and operations managers.
Perform an internal audit
What do your current contracts with clients, suppliers, or insurers say about hacking? This must be reviewed so that you are certain of your contractual obligations and coverage. Uncertain of where your business or professional firm stands? If so, that must change—quickly.
The easiest way to achieve this is by performing an internal audit, with the assistance of outside professionals if necessary, in order to assess the extent of your liability in the event that you are hacked—or your clients’, suppliers’, or insurers’ liabilities to you in the event that they are hacked. An alert from your IT department informing you of a hack on your network is no time to discover that you have unfairly shouldered the burden of liability for something attributable to an outside party working against your firm. It is an even worse time to discover that your insurance policies decline coverage in the event of a hack. Internal audits can uncover such exposures in advance and prevent calamities that would otherwise be unavoidable.
Shore up your insurance
While an internal audit is a priceless tool in assessing your firm’s readiness in the event of a cyberattack, it is a futile endeavor if you fail to follow through with a risk management response that adequately addresses your liability and exposure in the event of a hack. For this reason, it is of paramount importance that you collaborate with your insurance broker to address any shortcomings posed by your current policies in the event of a hack.
Hacking is an omnipresent risk in today’s modern digital world. The risks it poses are real, severe, and costly. The most practical approach to mitigating those risks is to give serious consideration to the recommendations laid out above, and to stay vigilant in your digital dealings.
Pittsburgh Cybersecurity Attorneys
Frank Botta, attorney at The Lynch Law Group, assists businesses and individuals alike in matters related to cybersecurity. Please contact him at fbotta@lynchlaw-group.com or by phone at 724-776-8000.