Ransomware is a major component of the cyber threat we all face each time we touch one of these electronic devices. In a persistent and pernicious manner, the miscreants of this world find ways to leverage our failures, capitalize on our mistakes, and monetize their malfeasance. So much of the theft that affects business has been traditional, in the world of bricks and sticks as it were. But the new age has brought new challenges aplenty.
A huge volume of informational "theft" is not about the thief possessing information, but about you being deprived of it. In the ransom setting, the thief may deny you access to your data in order to disrupt your business. Or, the thief may simply threaten you with the potential damage that could result in disclosure of your information. To a large extent, how the thief may strive to leverage you may depend in large part on how savvy, prepared, and reactive you are.
Make no mistake, there are those who are interested in flat-out theft of your data. They would love to have it, refine it, and sell it out there in the dark underbelly of the digital world. If you are in possession of data such as social security numbers, home addresses, dates of birth, credit or bank account numbers, driver's licenses, or passport numbers, then it may have value.
However, there is value also in depriving you of your data. Even a temporary interruption could affect both your ability to do business and the trust of your customers. In the first instance, imagine being locked out of your computer files. You might be unable to generate bills to your clients, unable to send/receive emails, check inventory, or deliver your services. Deprivation of your data could bring operations to a standstill. And, hours or days of staff time could be diverted to rectifying the problem.
What if you have been careful, proactive, and backed up that data? It is possible that you may be able to reasonably quickly restore your data from a backup and restart your operation. But, despite that, may still face the reality that some miscreant out there is in possession of a copy of your important data. You may find yourself faced with the unenviable task of notifying officials, notifying those whose data has been breached, and your reputation may suffer in the process.
The impacts can be felt by anyone. And, the biggest threat is likely sitting in your office today. It is not a malevolent or ignorant employee. It is a valued employee who will make a simple mistake, click a miscreant link, and admit some worm or horse into your network. The malfeasants of the underworld do not care whose data they get. They will be pleased to find someone they can leverage for millions of dollars, but won't refuse to leverage someone for less.
In short, there is no business that is safe. There is no data that is undesirable or unworthy of their attention. But, the big hits make the news.
This all returned to my consciousness in October when Sinclair Broadcasting quit broadcasting as normal. This is a big entity operating "300 stations across the country." Entities this large have IT departments and cybersecurity experts. They have software, training, and plans. And yet, they are vulnerable like we all are. Imagine the chagrin at becoming the subject of the news rather than just the purveyor of it?
ABC News reported, "Sinclair Broadcast Group hit with a ransomware attack." It described that there have been "at least two major ransomware attacks in the U.S. this year." This did not impact the company's ability to produce local news stories on the Internet. In fact, many of the stations owned by the company maintain a regular web presence in tandem with the broadcast news. Those pages are where many find the bulk of their daily local news. And, intriguingly, some of those pages did not carry the story that Sinclair had been hit, and their broadcast was interrupted.
The attack was about disruption of the business. The attack was about the access to information. And, in a significantly public forum, the threat of cybercrime was on display for many. In the spirit of 1985's "I Want My MTV," there were more than a few that exclaimed, "I want my local news." Possibly, there were those who elected to change the channel and seek that news from competitors. Ransomware and malware can be damaging to businesses in the moment and in their reputations.
Two? According to CNET, there have been five more "major" cyber events in 2021: Kaseya, JBS, Colonial Pipeline, Brenntag, and CNA Financial. Major, that is, but CNET does not list the Sinclair attack. It is fair to conclude that there have been many, many more that are not making the news, or reaching your ears. The threats are real and tangible. The big and small are at risk, and an entire industry is evolving to do battle with the miscreants, assist with recovery in their wake, address financial impacts, mitigate risk, and more.
The government is involved. As the government tends to be, it is involved a bit too slowly, too reactively, and with limited resources. But, we are seeing standards evolve. There are requirements for protecting networks and data. There are recommendations and information for the taking. And yet, there is a vast amount of business inaction, inadvertence, and ignorance.
We aim to go after some of that at the WCI this December. On Wednesday, December 15, 2021, I will lead off a breakout on cybersecurity, a WCI first. We will have the stellar team from the Center for Cybersecurity at UWF with us. They are the premier experts on this threat in the southeast, and among the world's best. The center is designated by the NSA as a hub regarding such threats and responses.
I will be joined by speakers providing the nuts and bolts of cyber presence and threat. And, the program includes an attorney discussing the liabilities that such threats bring to businesses great and small. There will be discussion of insurance for such challenges, and the intricacies that business faces in both obtaining such coverage and complying with the minimum basic standards to maintain coverage.
Is it workers' compensation? Not in the strictest sense. Does it affect everyone in the workers' compensation community? Absolutely, and without question. If you are in business, have data, or work with those who do, cybersecurity, insurance, compliance, indemnity agreements, and questions lie in your future. It is likely that they all lie in your present as well. It is time that you know what you face and how you may prevail. I hope to see the audience full of curious faces on December 15 as we start a workers' compensation community conversation about this subject. I hope you will be there.
