Manufacturing and Construction are among the top industries targeted by ransomware. The transition from old technology to newer innovations often means more system interconnectivity, which introduces new cyber risks. In the 2020 Allianz Risk Barometer Report, cyber incidents were revealed to be the most important business risk globally, with business interruption following closely behind. Cyber attacks have become more damaging and expensive for businesses, with the average ransomware payout increasing every year.
Ransomware is a type of malware that encrypts computer or machine data and demands payment before the data can be unlocked and decrypted. Ransomware is particularly crippling to manufacturing and construction companies because it can halt operations, and every minute of downtime adds pressure. A halt at one point is also likely to affect many other stages in the production line. These malicious actors target companies of all sizes, including consumer and non-consumer facing businesses. Even companies with high-quality IT security can find themselves exposed to these cyber incidents without proper employee cybersecurity awareness training.
Case Study:
Norsk Hydro, a manufacturing company in Norway, was the victim of a cyberattack in 2019 that caused $71 million in damages; only $3.6 million has been paid out by insurance to date.
Update February 10, 2020: The estimated financial impact has been updated to $93.4 million – $107.7 million Canadian. Norsk Hydro’s cyber insurance policy has covered around $26.8 million to date.
What happened?
- An employee opened an email that appeared to be from a trusted customer but was actually infected with ransomware known as LockerGoga
- Several of Norsk Hydro’s factories had to halt production or switch to manual operations
- The executive team at Norsk Hydro made the decision to pay no ransom, and instead restored their data from trusted system back-ups
- The company also decided to be completely open about their breach, including hosting daily webcasts and press conferences to answer questions
Although Norsk Hydro experienced a crippling disruption, they were smart not to pay the cyber-attackers and to recover data from system back-ups instead.
Ways to prevent and prepare:
- All departments of your company should participate in employee cybersecurity awareness training
- Map all the connected devices and systems in your business to identify traffic flows and any architectural flaws or security gaps
- Have company data saved on trusted back-up systems so your business can respond effectively and restore operations faster
- Have a crisis communication plan in place
Although Norsk Hydro decided to go it alone in handling their breach, most businesses don’t have that luxury. Fortunately, cyber insurance can be invaluable in a ransomware situation. Cyber insurance includes coverage for incident response teams of lawyers and IT professionals, costs to rebuild systems from backups, lost data, business interruption and even the cost of the ransom itself if needed.
Regardless of the size of your organization, the costs associated with cyber claims can be catastrophic. Cyber policies are changing and evolving to account for the growing risks of cybersecurity. Speak with your insurance broker or contact Fuse Insurance to find out what you’re covered for and what insurance options can protect your business.