Ransomware that Your Cybersecurity Insurance Can’t Cover

Blog contributed by David Sun

The latest alert from various US government agencies, issued through the Cybersecurity & Infrastructure Security Agency (CISA), warns that actors affiliated with Iran’s Islamic Revolutionary Guard Corps are targeting vulnerabilities in Fortinet networking equipment and Microsoft Exchange email software. Like other threat actors, they leverage these vulnerabilities to deploy tools, encrypt systems, and exfiltrate data, creating significant business interruption and consumer risk while demanding a large ransom payment.

While the response to ransomware usually entails activating cybersecurity insurance and invoking the ransom payment coverage included in those ever-more-expensive policies, that may not be an option for these victims. Because of the threat actors’ ties to the Iranian government, the US Department of Treasury Office of Foreign Assets Control (OFAC) has placed sanctions on them. This means any US entities conducting financial transactions with the threat actors (such as paying a ransom) could face severe legal repercussions.

Without payment as an option for recovery, it’s more critical than ever to proactively defend against these attacks. Network defenders are urged to examine their current cybersecurity posture and reduce the risk of these attacks by taking the following steps:

  1. Scan your systems for known vulnerabilities and patch all systems.
  2. Establish a robust password management policy including implementing multifactor authentication (MFA).
  3. Secure Remote Desktop Protocol (RDP) and other risky services.
  4. Make offline backups of your data.
  5. Regularly test your network and security operations.
  6. Prepare and practice your incident response plan.

How can CLA help?

CLA’s cybersecurity and data privacy team has years of experience responding to cyber incidents and helping prevent them.  Please contact us if you are experiencing an incident or would like help assessing and mitigating your risk for a cyber attack.

  • 813-384-2735

Kadian currently works with the Information Security Services Group as well as the higher education group, providing compliance services, outsourcing and co-sourcing engagements, and information security assessments.
