Denied: How One Small Mistake Led to a Network-wide Ransomware Attack Not Covered by Insurance
Have you thought about how one tiny issue could lead to a business-shuttering, network-wide attack your cyber insurance policy won’t cover?
I recently got a call from a CEO of a non-profit who was hit by a network-wide ransomware attack. It hit everyone: their HR person, their accountant, their customer relationship management system, and their operations.
But here’s the thing. Up until the event happened, this organization believed its network to be secure.
After an analysis, it was found that they had almost everything secured.
But almost doesn’t cut it because hackers only need one small vulnerability.
So, what happened?
The non-profit’s IT team had recently made some changes to a server. One technician made a change that would make the project easier, but it opened up a vulnerability in the server. The project lasted a few weeks and when it was done, the technician forgot to revert the change to the original.
He left a door open to the network, which a hacking group then used to get into the files. Once they were in, the hackers flew through the network like wildfire. It was one small mistake and it ended up costing them big money.
But that’s not the end of the story. Did you know that an event like this is actually considered a compliance issue with cyber insurance providers? That means if it happened to your organization, your claim would be denied. You didn’t know you had a problem, so you assured your insurance provider you had no configuration issues (the hole the hacker got in).
But you did have a hole and the hackers got in.
How could this mistake happen?
In the IT world, this mistake is as easy to make as a typo in a blog post (and trust me when I say they are VERY easy to make). It wasn’t massive negligence or the result of a poorly trained technician.
Unless you have a second pair of eyes overlooking your projects, you might end up with more risks on your network too.
You cannot proofread your work. This technician missed a critical typo and is now reeling from what could be a career-shattering event.
What can you do about this?
Understand your risks and get a third-party assessment.
If there is a change to your network, your team should be able to evaluate the risk of the project from a security standpoint and be able to evaluate points to check when the project is completed. But who’s going to proofread?
A third-party assessment is like getting a proofreader.
You need someone external to evaluate your network after projects are completed or network changes are implemented. It’s a critical step to avoid new risks on your network. A third-party assessment can stop mistakes before they become tragedies.