Determining best practices to prevent a cybersecurity breach from crippling your business should be on the top of your list.
Foreign hacking collectives, acting independently in some cases and under the guidance of malicious state sponsorship in others, have successfully infiltrated and paralyzed American businesses on an unprecedentedly massive scale.
What does a hack look like?
Recently, the Colonial Pipeline—responsible for supplying nearly 50% of the fuel consumed on the United States’ eastern seaboard—was shut down entirely by hackers who deployed ransomware to lock company administrators out of the systems responsible for operating the pipeline. What was the underlying cause of the company’s susceptibility? The company failed to implement a more secure (and today, incredibly common) two-factor authentication system for administrators accessing its password-protected network. The result? A $4.4 million ransom paid by the company to the hackers, and potentially billions in losses to the American economy.
Colonial is not alone in its major losses due to avoidable problems. Recently, major meatpacking company JBS paid hackers upwards of $11 million worth of cryptocurrency in response to demands after the hackers illegally accessed the firm’s network and threatened to lock out administrators and begin deleting key files unless their demands were met.
These are only two examples of an exponentially growing problem facing businesses and professional entities: malicious actors hacking key systems and holding them hostage for profit. Analysts estimate that roughly $18 billion was paid to such hackers in 2020, a figure expected to increase dramatically each year in the coming decade.
How could this impact me or my business?
This is not just a problem for major multinational corporations, however. For example, the American Bar Association surveyed its members and found that in 2020, 29% of law firms reported a security breach, more than 1 in 5 said they were not sure whether there had ever been a breach, and 36% reported past malware infections in their systems. Hackers target individuals as well, freezing consumers out of their financial accounts and threatening to liquidate funds unless the victim pays thousands to have control returned. Annual reporting for 2020 estimates that 300 million ransomware attacks were carried out globally on businesses and individuals alike, up from 188 million in 2019.
In today’s digital landscape, the question for business owners and professionals to ask themselves is not “Will I be hacked?” but rather “When will I be hacked?” And, perhaps more importantly, “What can I do to prepare?” The stakes for your company are high, and the potential serious ramifications include: reputational damage, compromised customer safety, legal and compliance risk, business and supply chain interruptions, data loss (including customer data, employee data, and trade secrets), and extensive costs (legal, forensic, and ransom payment).
Most importantly, preparations can be made and countermeasures can be implemented to mitigate the effects of bad actors attacking precious digital systems. As with most potential catastrophes, preemptive measures and planning go miles further than panicked, reactionary measures in warding off hacking efforts. Companies and professionals must develop protocols to monitor for, prevent, and in worst case scenarios, respond to hacking with the same seriousness that they approach active shooters, workplace violence, sexual harassment, and other major threats to business operations that have become so prevalent in recent years.
How do I make these preparations?
Considering preventative measures against this serious threat is essential. Security needs will vary from business to business based on the type and scale of operations the firm is engaged in. However, we highly recommend that businesses and professionals implement these universally applicable protocols in order to begin down the path to a more digitally secure future.
1. Develop and implement internal policies and procedures.
Do you know what steps you need to take if you suspect someone is trying to hack you? Or if you know for a fact that a hack has taken place? Do your employees and associates know what to do in the same circumstances? Do you have a proper incident response plan and procedures in place that address the practices to be followed?
The minutes and seconds following a suspected hack are no time for managers to be asking themselves “What now?” A key first step toward preparedness for any enterprise susceptible to hacking is to work with legal counsel, IT professionals, and business personnel to develop a response plan to follow in the event of a hack or suspected hack, and to practice it routinely with employees so that the entire organization is aware of its duties and emergency responses. Think of it as a digital fire drill: when an alarm goes off, you want a calm, measured response that effectively and immediately begins to address the problem, rather than a panicked frenzy.
A well-selected response team must be engaged to contain and remediate the incident and to notify the essential external agencies, insurance carriers, and technical assistance providers when an emergency arises. Key members of your incident response team should include legal counsel, information security professionals, human resources staff, risk management experts, finance representatives, and operations managers.
2. Internal audit.
What do your current contracts with clients, suppliers, or insurers say about hacking? This must be reviewed so that you are certain as to your contractual obligations and coverage. Are you uncertain of where your business or professional firm stands? If so, that must change—quickly.
The easiest way to achieve this is by performing an internal audit, with outside professionals if necessary, in order to assess what you are liable for in the event that you are hacked, and what your clients, suppliers, or insurers are liable to you for in the event that they are hacked. Your IT department informing you of a hack on your network is no time to discover that you have unfairly shouldered the burden of liability for something attributable to an outside actor working against your firm, and it is an even worse time to discover that your insurance policies decline coverage in the event of a hack. Internal audits can uncover such exposures before they become calamities.
3. Shore up your insurance.
While an internal audit is a priceless tool in assessing your firm’s readiness in the event of a cyberattack, it is a futile endeavor if you fail to follow through with a risk management response that adequately addresses your liability and exposure in the event of a hack. For this reason, it is of paramount importance that you collaborate with your insurance broker to assess and address whatever shortcomings your current policies have in the event of a hack.
Hacking is an omnipresent risk in today’s modern digital world. The risks it poses are real, severe, and costly. The most sensible, practical approach to mitigating those risks is to give serious consideration to the recommendations laid out above, and to stay vigilant in your digital dealings.
Pittsburgh Cybersecurity Attorneys
Frank Botta and Paul Toigo, attorneys at The Lynch Law Group, assist businesses and individuals alike in matters related to cybersecurity. Please contact them at firstname.lastname@example.org and email@example.com respectively, or by phone at 724-776-8000.