3 takeaways from the 2017 Cost of Data Breach Study

IBM has just released their findings on their cost of data breaches study. Check out this great by Denny Jacob from Property & Casualty 360 and find out what they key findings from IBM research means for you.

As companies continue to infuse technology into their business models, they must also keep up with an ever-changing digital landscape. In 2017 and beyond, companies need to consider their cybersecurity practices.

As cyber attacks continue to rise in frequency and sophistication, companies should also consider where data breaches are occurring. For those looking to understand data breaches by country, the latest report from IBM Security and Ponemon Institute sheds light on such a topic.

Sponsored by IBM Security and conducted by Ponemon Institute, the study found that the average cost of a data breach is $3.62 million globally, a 10% decline since 2016.

To explore the complete report, visit the IBM Security Data Breach Calculator, an interactive tool that allows you to manipulate report data and visualize the cost of a data breach across locations and industries, and understand how different factors affect breach costs.

Or, keep reading for highlights from the study's key findings.

The costs by region.

In the 2017 global study, the overall cost of a data breach decreased to $3.62 million, which is down 10% from $4 million last year. While global costs decreased, many regions experienced an increase.

In the U.S., the cost of a data breach was $7.35 million, a 5% increase compared to last year. When compared to other regions, U.S. organizations experienced the most expensive data breaches in the 2017 report. In the Middle East, organizations saw the second highest average cost of a data breach at $4.94 million  an uptick of 10% compared with the previous year. Canada ranked third with data breaches costing organizations $4.31 million on average.

European nations experienced the most significant decrease in costs. Germany, France, Italy and the U.K. experienced significant decreases compared to the four-year average costs. Australia, Canada and Brazil also experienced decreased costs compared to the four-year average cost of a data breach.

Time is money when you're containing a data breach.

For the third year in a row, the study found that having an Incident Response (IR) Team in place significantly reduced the cost of a data breach. IR teams, along with a formal incident response plan, can assist organizations to navigate the complicated aspects of containing a data breach to mitigate further losses.

According to the study, the cost of a data breach was nearly $1 million lower on average for organizations that were able to contain a data breach in less than 30 days compared to those that took longer than 30 days. The speed of response will be increasingly critical as General Data Protection Regulation (GDPR) is implemented in May 2018, which will require organizations doing business in Europe to report data breaches within 72 hours or risk facing fines of up to 4% of their global annual turnover.

There's still room for improvement for organizations when it comes to the time to identify and respond to a breach. On average, organizations took more than six months to identify a breach, and more than 66 additional days to contain a breach once discovered.

Additional key findings.

  • For the seventh year in a row, healthcare topped the list as the most expensive industry for data breaches. Healthcare data breaches cost organizations $380 per record, more than 2.5 times the global average overall cost at $141 per record.
  • Close to half of all data breaches (47%) were caused by malicious or criminal attacks, resulting in an average of $156 per record to resolve.
  • Data breaches resulting from third party involvement were the top contributing factor that led to an increase in the cost of a data breach, increasing the cost $17 per record. The takeaway: Organizations need to evaluate the security posture of their third-party providers  including payroll, cloud providers and CRM software  to ensure the security of employee and customer data.
  • Incident response, encryption and education were the factors shown to have the most impact on reducing the cost of a data breach. Having an incident response team in place resulted in $19 reduction in cost per lost or stolen record, followed by extensive use of encryption ($16 reduction per record) and employee training ($12.5 reduction per record).

See the original article Here.

Source:

Jacob D. (2017 August 8). 3 takeways from the 2017 cost of data breach study[Web blog post]. Retrieved from address http://www.propertycasualty360.com/2017/07/05/3-takeaways-from-the-2017-cost-of-data-breach-stud?ref=rss&_lrsc=05d8112f-7bfb-4c4d-916f-0e2085debd9a&slreturn=1502379703&page_all=1


Safety Focused August 2017

When traveling for work, even for short periods of time, it is important to take precautions to protect yourself from cyber criminals.

Cyber Tips for Traveling

Staying safe while traveling involves more than simply locking your valuables in a hotel safe. Today, cyber crime is just as prevalent as conventional crime. In fact, your digital property may be more valuable to criminals than your personal property. Before packing for your next business trip, take the following precautions to protect yourself and your belongings while away:

  • Turn off home and work computers before you leave. Computers that are always left on are more vulnerable to hacks.
  • Back up all data. Store sensitive files either on a removable storage device locked in a safe or in a secure facility in the cloud.
  • Be cautious when using public Wi-Fi. If it is necessary to go online in public, use a secured connection. If you have to use an unsecured connection, avoid checking bank balances or visiting any site that asks you for personal information, which can be easily stolen.
  • Enable a pass code on your smartphone. This can prevent hackers from accessing sensitive information should you lose your phone.
  • Use a credit card instead of a debit card for purchases. A cyber criminal can deplete your bank account with your debit card.

How to Avoid Distractions While Driving

Driver distractions have joined alcohol and speeding as leading factors in crashes that cause fatal and serious injuries. However, cellphones aren’t solely to blame. Anything that takes 100 percent of your attention away from driving is a distraction. There are three main types of distractions:

  • Visual—Taking your eyes off the road
  • Manual—Taking your hands off the wheel
  • Cognitive—Taking your mind off of driving

Whether driving for work or for personal reasons, it is important to remember that any activity that you engage in while driving is a potential distraction that increases your risk of crashing. Taking the following precautions can help you avoid distractions while driving:

  • Silence your mobile devices and keep them away from you while driving to avoid being distracted by incoming calls or texts. If you must receive phone calls while on the road, pull over before answering, even if using a hands-free device.
  • Set destinations in navigational devices before you depart.
  • Make a playlist on your smartphone before you leave to avoid the temptation to change radio stations.
  • Avoid eating while driving. Take proper breaks to allow yourself time for meals.
  • Speak up if you’re a passenger of a distracted driver. Offer to take over the driving responsibilities if possible.
  • Review ’s safe driving policy to ensure that you are fully aware of the best practices when it comes to road safety and know what to do in an emergency.

To download the full article click here.


Beyond the Basics: Snapchat "Snap Map" Safety

Did You Know?

Snapchat is one of the top five social media platforms among young people, with approximately 150 million daily active users. While Snapchat is designed to be a fun photo, video and text messaging app, a number of features—particularly the Snap Map function—pose serious safety concerns.

What is Snap Map?

Introduced in a June 2017 update, Snap Map allows users to share their exact location with their friends within the Snapchat app. Snap Map gathers location data using a smartphone's GPS sensor and displays the time of day an individual is at a specific location and his or her speed of travel. This information is shown on a map that can be accessed when a user first opens Snapchat and pinches the screen to zoom out.

While Snapchat users can choose to share their location with selected friends, any posts users share on Snapchat’s “Our Story” feature will appear on the global map regardless of their privacy or location settings.

Safety Concerns

As with many apps that use geolocation features, privacy is a major concern. Many fear the Snap Map feature opens users up to the risk of stalking, burglary or kidnapping, particularly because locations in Snap Map can be viewed down to exact addresses.

Safety Tips

  • Edit your location settings by clicking the gear icon in the Snapchat app. From there, scroll down to the “See My Location” tab and turn on “Ghost Mode.” This will prevent others from seeing your location.
  • Be mindful of what you’re sharing on Snapchat, and avoid providing your exact location online.

Safety First

Snapchat is a popular app for young children. As such, it’s important for parents to speak with their kids about online safety. Children should be instructed to avoid sharing their location on any social media app, even if they think the information is only viewable by friends and family.

If you have other safety concerns related to Snapchat, you can submit them to the company here.

To download the full article click Here.


P&C Profile: July 2017

New Study Demonstrates the Dangers of Talking While Driving

It’s commonly known that smartphones, entertainment systems and other electronics can be a dangerous distraction to drivers. However, a new study from the University of Iowa found that simple conversations can also cause unsafe driving conditions.

The study used eye tracking equipment to analyze where subjects were looking and how long it took them to focus on a new object. Some subjects were also asked true or false questions at the same time in order to simulate a simple conversation. Data collected from the study found that subjects who answered questions took twice as long to focus on a new object than those who were asked no questions.

Although engaging in conversation seems simple, it involves a number of complex tasks that the brain must handle simultaneously. Even if the topic of conversation is straightforward, the brain has to absorb information, overlay what a person already knows and prepare to a construct a reply. And, although this process is done extremely quickly, it can also slow down reaction times and lead to a dangerous accident on the road.

The best way to keep your employees safe while driving is to encourage them to eliminate or turn off all potential distractions, including their cellphones and any hands-free accessories they may use to make a call. You can also consider including language about safe driving practices in your workplace safety policies.

Preventing Workplace Violence

As reports of shootings and other violent incidents become more common, workplace violence is a topic than no business can ignore. According to the U.S. Bureau of Labor Statistics, workplace homicides rose 2 percent in 2015, the latest year for which data is available. Additionally, the number of workplace shootings increased by 15 percent.

The best way to address potential acts of violence at your business is to be prepared to act before, during and after an act of violence occurs. Here are some programs you can use to ensure the safety of your employees and customers:

  • Pre-employment screenings—Background checks can help identify candidates who have violent histories.
  • Security—Security systems can ensure that only employees have access to certain areas.
  • Alternative dispute resolutions—Techniques like facilitation and mediation can help solve a conflict before it escalates.
  • Threat assessment teams—A designated team can work with management to assess the potential for violence and develop an action plan.

Congress Considers Flood Insurance Reforms

The National Flood Insurance Program (NFIP) is one of the few ways to get insurance coverage for flood risks, and the program is set to expire later this year. However, Congress is currently examining a number of possible changes to the NFIP before it’s reauthorized.

One of the most important topics regarding the NFIP is its financial stability. The program is currently $24 billion in debt as a result of rising claims costs and severe weather events, and some lawmakers believe that the program needs substantial reforms in order to remain viable.

The following are some of the changes that are being considered to the NFIP:

  • Making private flood insurance more available to consumers
  • Limiting payments to properties that flood repeatedly
  • Reducing taxpayer subsidies for flood insurance
  • Creating financial incentives for flood mitigation

DOL Withdraws Joint Employment and Worker Classification Guidance

The U.S. Department of Labor (DOL) recently withdrew administrative interpretations regarding joint employment and the classification of workers as employees or independent contractors. These withdrawals can have significant consequences on legal protections for employees and eligibility for benefits.

  • Worker classification—Employers will need to satisfy tests established by the courts—such as the economic realities test—when classifying workers.
  • Joint employment—Joint employment can only be established when an employer has direct control over another employer’s workplace.

To learn more about what these withdrawals could mean for you, contact Hierl Insurance Inc. and ask to see our comprehensive compliance bulletins, “DOL Withdraws Joint Employer Guidance” and “DOL Withdraws Worker Classification Guidance.”

To download the full article click Here.


OSHA Cornerstones: Summer 2017

OSHA Proposes Delay to Electronic Reporting Rule

Last year, OSHA issued a final rule that requires certain employers to electronically submit data from their injury and illness records so they can be posted on the agency’s website. Although employers were initially required to submit this data by July 1, 2017, the agency recently stated that it will not be ready to receive electronic workplace injury and illness reports by the established deadline, and has proposed a new compliance date of Dec. 1, 2017.

OSHA believes that the new rule will encourage employers and researchers to find new and innovative ways to prevent injuries and illnesses at workplaces. However, critics of the rule believe that it will unfairly damage the reputations of businesses by making details of workplace injuries and illnesses available to the public.

Because the electronic reporting rule has not been revoked, employers affected by the rule should continue to record and report workplace injuries as required by law. Although the rule does not change an employer’s requirements to complete and retain regular injury and illness records, some employers will have additional obligations. Here are the requirements for the rule:

  • Establishments with 250 or more employees that are required to keep injury and illness records must electronically submit the following forms:
    • OSHA Form 300: Log of Work-Related Injuries and Illnesses
    • OSHA Form 300A: Summary of Work-Related Injuries and Illnesses
    • OSHA Form 301: Injury and Illnesses Incident Report
  • Establishments with 20 to 249 employees that work in industries with historically high rates of occupational injuries and illnesses must electronically submit information from OSHA Form 300A.

OSHA Withdraws Union Walkaround Policy

OSHA has withdrawn a policy that allowed union officials to participate in inspections at nonunionized workplaces. The agency recently referred to the policy as unnecessary in a memorandum to its regional administrators.

The policy was originally included in OSHA’s 2013 “Walkaround Letter of Interpretation,” and was viewed by many employers as an attempt by the Obama administration to support and expand union representation to nonunion workplaces. Other critics of the letter believed that it allowed individuals who were not a representative of employees to participate in walkaround inspections.

Because the walkaround policy was set without engaging in a formal rule-making process, the procedure to withdraw it was quick and informal. Many experts also believe that the withdrawal was influenced by the Trump administration’s focus on eliminating easily reversible policies.

OSHA compliance officers may still attempt to include third-party outsiders in a walkaround if there is good cause. One example of good cause would be due to the compliance officer lacking technical or language expertise that is necessary to the inspection. Such cases are rare, however, as OSHA usually provides the needed expertise from within the agency.

Proposed OSHA Standards Stalled Under Trump Administration

A number of proposed OSHA standards were introduced just before the inauguration of President Donald Trump. However, the Trump administration’s focus on deregulation has put many of these standards on hold. Additionally, the Office of Information and Regulatory Affairs has yet to publish its Unified Agenda, a semiannual publication that outlines the upcoming regulatory plans for federal agencies.

Several proposed changes are currently in OSHA’s pre-rule stage, including the following:

  • An emergency responder preparedness program
  • Revisions to OSHA’s process safety management program
  • A new federal standard to protect health care and social assistance workers from workplace violence

Supporters of the Trump administration’s emphasis on deregulation believe that businesses will benefit as their compliance responsibilities are reduced. However, opponents argue that public protections may now come second to profit.

OSHA Citation Against Contractor Vacated

An administrative judge for OSHA recently vacated a “willful” violation against Hensel Phelps Construction, a general contractor.

An OSHA inspection of a Hensel Phelps worksite in Texas originally found that the company had not provided a subcontractor’s employees with a system to guard against cave-ins. However, the citation was vacated after a judge found that OSHA regulations protect an employer’s own employees, and in this case did not apply to the subcontractor’s employees who were not protected from cave-in hazards.

To download the full article click Here.


Managing Work-related Stress

It has been estimated that 75-90 percent of all visits to primary care physicians are a result of stress-related health problems, and the leading source of stress for adults comes from their jobs. The most common causes of work-related stress include a heavy workload, job insecurity, tight deadlines, bullying and a lack of support from managers.

Stress affects each individual differently. If it becomes overwhelming, it can lead to illness, injury and poor job performance. To reduce work-related stress and your risk of developing a more serious health condition, consider the following six best practices:

  1. Plan ahead. Start working on tasks well before they are due, and always have an alternative plan in case something falls through.
  2. Prioritize your work. Create a list of tasks that must be done and then break them down into smaller, more manageable assignments so you don’t get overwhelmed.
  3. Slow down. Think before you act to avoid having to repeat tasks.
  4. Use available resources. Ask co-workers for assistance with tasks that you cannot feasibly tackle on your own.
  5. Balance your life. Make sure that there is a balanced focus on your work and your home life to offset work stressors with personal time to yourself.
  6. Resolve conflicts. Develop a conflict resolution plan to solve interpersonal problems with co-workers.

To download the full article click Here.


CenterStage...Creating a Safety Minded Workplace

“One of the best ways to promote a safe working environment is through safety meetings. They don’t have to be formal or lengthy, just be sure to make them mandatory and keep an attendance log. Additionally, ensure everyone knows that you are interested in their ideas so they will be active participants in working towards a goal of an injury free workplace.” -Cathleen Christenson

VP, Property & Casualty

Large companies often have safety departments and staff dedicated to managing safety practices and policing the proper accident-prevention procedures. They also usually have the capacity to hold much more formal meetings. On the other hand, small businesses, where most employees wear multiple hats in the company, have a much more shared responsibility when it comes to employee safety in the workplace. This shared responsibility requires employees to keep a watchful eye out for each other and report any potential dangers they see before accidents can happen.

Best Management Practices in Creating a Safety Minded Workplace

1. Make Safety a Top Priority

An employee safety plan may not be high on a small business’ list of priorities-- until something happens. As much commitment should be placed on safety and health as any other part of a business. An injured worker is an unproductive employee and can cost a business the services of a valued employee while they are out, as well as drive up insurance cost. Businesses can proactively help prevent accidents and control worker compensation costs by developing and implementing a safety program. Hierl works to provide guidance on the design and implementation of company safety programs.

2. Ensure All Employees are Involved in the Safety Effort

According to the Occupational Safety and Health Administration (OSHA), one of the most effective ways to develop a safety-minded culture is to involve employees in ongoing “Toolbox Talks.” These are brief,

informal meetings to allow employees to stay up-to-date on potential workplace hazards and safe workplace practices. These meetings can be as simple as discussing the company safety policy or can hone in on one specific topic, such as machinery use, tool handling, safety minded attitudes or anything that could provide knowledge about preventing accidents in the workplace.

3. Identify and Control Safety Hazards

Identify safety hazards in your workplace so you can best learn how to control and correct them. Learning the OSHA regulations that apply to your industry can be helpful here. Good employee safety strategies encompass many different topics depending on what industry the business is in. OSHA provides a comprehensive list of topics to address with employees. Consulting employees on what problems they have noticed can often be the most beneficial when it comes to narrowing down the most important topics to cover. A major safety topic that arises often is simple housekeeping procedures such as spills, loose cords, etc. Encouraging a “see something, say something” policy will allow employees to report the potential dangers they encounter in their daily work and act to prevent injuries or accidents before they can happen. The primary responsibility of the employees is to perform his or her duties in a safe manner to prevent injury to themselves and others.

4. Comply with Regulations

Safety practices differ across different kinds of companies. For instance, you wouldn't have your employees train to operate a forklift when they will never have to operate a forklift on the job. On the other hand, everyone can benefit from "Housekeeping" and "Substance Abuse" training sessions, with the goal of being an injury-free workplace at the forefront of everyone's mind.

Some positions may need to be OSHA certified as well. There are two types of OSHA certifications (OSHA 10-Hour and OSHA 30-Hour), with four industry specific categories (OSHA10 Hour General Industry, OSHA10 Hour Construction, OSHA30 Hour General Industry, and OSHA30 Hour Construction).

5. Continually Improve Your System

Review the strengths and weaknesses of your safety programs as there is always room for improvement. Healthy workers will support a work environment that fosters trust, creativity and general well-being. To access helpful talking points for supervisors, ask a Hierl representative about the complete line of Safety Matters flyers, including hand protection, safe lifting techniques, accident prevention, slips and falls, hazard communication, first aid basics and more.

To download the full article click Here.


Is Social Media Putting Employees’ Health, Safety at Risk?

Do your employees know about all of the risks that can come from their social media? Find out how social media can affect your employee's safety and health in this article from Employee Benefit News by Jill Hazan.

The issue of personal online safety has finally crossed over into the healthcare arena — and employers need to step up and learn to best educate employees about keeping them safe.

A recent article in the Journal of the American Medical Association Pediatrics, “Parental Sharing on the Internet: Child Privacy in the Age of Social Media and the Pediatrician’s Role,” highlights how parents who post information about their children on social media put them at greater risk for identity theft. In addition, this trend toward oversharing compromises a child’s protected health information. What might happen when that child applies for a job in the future and a simple internet search reveals health information she would not want an employer to know?

While HIPAA protects the confidentiality of an individual’s medical records, it doesn’t provide comprehensive protections outside the healthcare environment. The laws around the privacy rights of children relative to their parents’ online disclosures are still evolving. The article recommends that pediatricians ask parents about their social media habits to help keep children safe and their data private. It is a natural extension that all primary care providers should be asking patients about social media behaviors, as the issues of identity theft and data privacy are relevant to children and adults alike.
This recommendation is increasingly significant from an employee benefit perspective.

So what should employers do?

Employers routinely provide healthcare benefits to employees. If health plans and physicians are acknowledging and addressing the risks of social media from a privacy and security perspective, shouldn’t employers extend that focus into the workplace? With the continued employer emphasis on wellness, it is incumbent on health plans and employers alike to educate employees on online security and the risks of identity theft.

 

There are a variety of resources and benefits that employers can access to assist employees in navigating the online world safely. A series of well-structured, engaging seminars on identity theft and online security that combine real-life stories with actionable advice are effective in educating employees and changing behaviors. Online tutorials, like those provided by the Center for Identity at the University of Texas, Austin, can guide employees on setting proper privacy settings on social media sites, such as Facebook, Twitter, LinkedIn and Pinterest.

Identity theft protection plans provide monitoring and restoration services, as well as education to help keep employees and their families secure. EAPs may provide guidance on identity theft and counseling for victims. Comprehensive legal benefit plans provide legal advice and representation for victims of identity theft. Employers may also provide employees access to online data protection tools for use at work and home with features that encrypt communication and block malware and phishing attempts.

Employees need to understand how to navigate the social media and online environment to keep their families safe. Identity theft of a family member affects more than just one person. It can register an emotional, physical and financial toll on the entire family. Employers need to structure a comprehensive approach to managing the health and wellness of employees as it relates to their online behaviors. A program with a combination of employee benefits, from healthcare to identity theft protection benefits, supplemented by onsite employee education, will support the goals of the health plan and, ultimately, the organization’s overall business objectives.

See the original article Here.

Source:

Hazan J. (2017 May 1). Is social media putting employees' health, safety at risk? [Web blog post]. Retrieved from address https://www.benefitnews.com/opinion/is-social-media-putting-employees-health-safety-at-risk?feed=00000152-18a4-d58e-ad5a-99fc032b0000


The Killjoy of Office Culture

One of the latest things trending right now in business is the importance of office culture. When everyone in the office is working well together, productivity rises and efficiency increases. Naturally, the opposite is true when employees do not work well together and the corporate culture suffers. So, what are these barriers and what can you do to avoid them?

According to an article titled, “8 ways to ruin an office culture,” in Employee Benefit News, the ways to kill corporate culture may seem intuitive, but that doesn’t mean they still don’t happen. Here’s what organizations SHOULD do to improve their corporate culture.

Provide positive employee feedback. While it’s easy to criticize, and pointing out employees’ mistakes can often help them learn to not repeat them, it’s just as important to recognize success and praise an employee for a job well done. An “attaboy/attagirl” can really boost someone’s spirits and let them know their work is appreciated.

Give credit where credit is due. If an assistant had the bright idea, if a subordinate did all the work, or if a consultant discovered the solution to a problem, then he or she should be publicly acknowledged for it. It doesn’t matter who supervised these people, to the victor go the spoils. If someone had the guts to speak up, then he or she should get the glory. Theft is wrong, and it’s just as wrong when you take someone’s idea, or hard work, and claim it as your own.

Similarly, listen to all ideas from all levels within the company. Every employee, regardless of their position on the corporate ladder, likes to feel that their contributions matter. From the C-suite, all the way down to the interns, a genuinely good idea is always worth investigating regardless of whether the person who submitted the idea has an Ivy League degree or not. Furthermore, sometimes it takes a different perspective – like one from an employee on a different management/subordinate level – to see the best way to resolve an issue.

Foster teamwork because many hands make light work. Or, as I like to say, competition breeds contempt. You compete to get your job, you compete externally against other companies, and you may even compete against your peers for an award. You shouldn’t have to compete with your own co-workers. The winner of that competition may not necessarily be the best person and it will often have negative consequences in terms of trust.

Get rid of unproductive employees. One way to stifle innovation and hurt morale is by having an employee who doesn’t do any work while everyone else is either picking up the slack, or covering for that person’s duties. Sometimes it’s necessary to prune the branches.

Let employees have their privacy – especially on social media. As long as an employee isn’t conducting personal business on company time, there shouldn’t be anything wrong with an employee updating their social media accounts when they’re “off the clock.” In addition, as long as employees aren’t divulging company secrets, or providing other corporate commentary that runs afoul of local, state, or federal laws, then there’s no reason to monitor what they post.

Promote a healthy work-life balance. Yes, employees have families, they get sick, or they just need time away from the workplace to de-stress. And while there will always be times when extra hours are needed to finish a project, it shouldn’t be standard operating procedure at a company to insist that employees sacrifice their time.

 

 


U.S Aftermath of WannaCry Ransomware Yet to be Seen

The WannaCry ransomware that has spread across 150 countries since Friday has appeared to slow down, but employees starting the workweek should be careful, as the effects in the United States are yet to be determined.

WannaCry locks users out of their computers by exploiting a vulnerability in outdated versions of Mircosoft Windows. It then demands money from users who want to regain control of their data. The ransomware initially requests around $300, and if no payment is made, threatens to double the amount after three days and delete files within seven days. Once it infects one computer, it can spread to every computer in that network within seconds.

According to Elliptic- a London startup that helps law enforcement agencies track criminals-around $50,000 worth of bitcoin payments have been made to the hackers as of Monday morning.

Countries Affected in First Few Hours of Cyber Attack

  • United States- Fedex
  • United Kingdom- The National Health Service
  • Russia- The Ministry of Internal Affairs
  • France- Renault
  • Spain- Telefonica
  • China- Universities and gas stations
  • Japan- Hitachi

Nobody knows who is behind the attack, but Europol is working on a decrypting tool. Many firms hired experts over the weekend to prevent new infections, which seems to have worked in Europe, so far.

After the initial discovery of the WannaCry ransomware, Mircosoft issued a warning to the U.S. government concerning its data-storing practices. Mircosoft claimed that the tool used in the WannaCry cyber attack was developed by the U.S. National Security Agency and was stolen by hackers. Microsoft released a Windows security update in March to tackle the problem exposed by the latest attack, but many users haven't run the update yet.

Precautions

Some experts recommend that you should not pay the ransomware if you've been hacked. Even if there is a way to determine if you've paid the ransom, there is no guarantee that the hackers will return the files to you unharmed, if returned at all. Experts also recommend you take the following precautions:

  • Update your network if you haven't yet.
  • Turn on auto-updaters, if available.
  • Don't click on links that you do not recognize.
  • Don't download files from people you don't know.
  • Back up your documents regularly.

Hierl Insurance Inc. will continue to monitor the situation. Contact us if you have any further questions regarding how you can avoid disruptive business interruptions from cyber attacks.