Perhaps you heard of the ransomware attack that hit countries all across the world late last week. If you didn’t, you need to know about it.
Ransomware, if you don’t know already, is an insidious kind of malware, a computer infection that encrypts your files and takes away access to them unless you pay a fee. Your computer oftentimes just displays the ransom note with instructions on how to pay them. Sometimes, as was the case here, the malware will replicate itself and spread to other machines. This recent outbreak, with ransomware dubbed called WannaCry, cost victims $300.
WannaCry was spread through a vulnerability in Windows. Many people think, “My business isn’t that big or important, so no hacker will bother targeting me.” Think again. Hackers don’t always target specific companies. A lot of times they have bots that look for particular vulnerabilities that developers aren’t aware of yet and exploit those in order to infect and spread their malware.
The damage can be crippling. Over a dozen hospitals and health providers in the UK were shut down due to WannaCry, as was a large Spanish telecommunications company. But small and medium businesses were hit too, even if they didn’t make the headlines. As of last year, cybercrime cost businesses $450 billion annually. That number is expected to jump to $2 trillion by 2019.
Because so many smaller businesses don’t think they’ll ever be hit with a cyberattack, the sector is woefully underinsured. The good news is that small businesses can currently buy cyberinsurance on the cheap. On the flip side of that, these cyberattacks are increasing in frequency and they’re very costly, so some think the WannaCry incident might be a wake-up call for insurance companies to look at the aggregate numbers and adjust accordingly.