Computer systems across the globe have recently been shaken by a new computer malware called WannaCry. What is now dubbed as “ransomware,” WannaCry or WannaCrypt encrypts the files of an infected computer and sends a message demanding payment of money as ransom, and threatens to wipe the infected computer if the payment is not made within a specified time. WannaCry infected computers in over 150 countries including Germany, Russia, Turkey, and the Philippines in a single day.
Security experts are still struggling to undo the damage that WannaCry left in its wake. Those who have been infected are advised not to pay the ransom, but there are still no solutions on how to decrypt victims’ files. This is an even bigger issue with businesses that cannot access important files—they must choose between paying the USD300-600 ransom, or accrue losses as they wait for someone to crack the decryption.
The situation is a painful reminder to businesses everywhere that when it comes to computer viruses, prevention is often better than a cure.
Strengthen your computer’s defenses. Use reputable anti-malware programs from vendors you trust. Generally, computers already come equipped with security software so you don’t have to buy anything. Do not just search for anti-malware programs online and download the first thing that comes out. Some viruses are masked as anti-malware. Talk to IT experts in your company and within your network to make sure you get the right one you need.
Keep your computer software up to date. Software companies regularly release updates in response to new and emerging threats. Whether they are antivirus programs or word processors, you can easily sign up for automatic software updates to minimize risks. Make it part of your work routine to check if there are software updates available to be installed.
Minimize your exposure to threats. Educate employees to be cautious when using flash drives, and to avoid opening suspicious files. There is a variety of emails soliciting information or introducing a product and unless it is from a verified and known source, do not click on any attachment or link. This is exactly how WannaCry came about – by tricking victims into opening the malware disguised as invoices, job offers or other legitimate files as reported by Aljazeera. Additionally, never turn off your computer or network’s firewall. Even a brief span of time without your firewall puts you in danger of being infected by malware.
Use strong passwords. How-to Geek recommends passwords with minimum of 12 characters and has a combination of numbers, symbols, Capital letters and lower-case letters. In fact, you can replace some letters with numbers or symbols to complicate it a bit. Also, don’t use the same password on different websites because if one of your accounts gets hacked, the rest of your accounts with the same password will be vulnerable to the same hack. The problem now is how to remember all of your passwords. It helps to remember a sentence guide like “My first job was a clerk at PHP15000 a month” for password “1stj0bClerk@PHP15”. You should also avoid sharing your passwords with anyone, especially if they are associated to accounts that hold personal information like your name, birthday, and credit card details.
Don’t be tricked into downloading viruses. Make it a rule that company computers should be used for business matters only. Discourage visiting and downloading from websites that offer free downloads of music, games, videos, and other media. Downloads from these sites often come saddled with malware. It is also important to conduct Cyber Security seminar for your employees so they become aware of the many tricks they can get lured by hackers such as phishing, bait & switch, cookie theft, etc.
Invest in the right kind of computer risk management. Cyber Insurance is an emerging product in the Philippines, vital to protecting your enterprise from losses and business interruptions. Risks rise as the industries in the country become more digitally connected. Malayan Insurance has made available in the Philippine market, a casualty insurance product that protects a company’s data and systems against specified threats. It is designed to supplement measures that one takes to protect your business’ computer system against security breaches and cyber attacks. Malayan Insurance’s Cyber Insurance offers security for vital company assets that are non-tangible, such as data and other pertinent information. In the event of a cyber attack, Cyber Insurance covers company losses like costs associated in restoring the data or computer systems, and loss of profit due to reputational loss. The policy also offers a safety net against losses for your customers, and affiliate companies. Among other key coverages, Cyber Insurance will help you with claims for damages brought by third parties. This applies to losses incurred as a result of a breach on your computer system, among others.
The steps you take in preparing against possible cyber attacks could make or break your business. Often, damage can be difficult and costly to repair, so getting ahead of the game gives you an advantage.
To learn more about how you can protect your business against cyber attacks, contact Malayan Insurance.