According to the Government Accountability Office, less than 50% of businesses carry cyber insurance coverage. At the same time, the average cost for a cybersecurity insurance claim for small to medium size businesses was $345,000 (NetDiligent). Everyone is aware of these statistics and the cost of the cybersecurity incident, however, not everyone believes they would ever be a target of a cyber-attack.
Could a commercial farm, an auto repair shop or a contractor be the target of a cyber-attack? You betcha!
Farm
Any situation that a business uses devices connected to the internet and would experience a loss of any amount were the system not to work as planned are a target of a cyber-attack. A dairy farm may use robots to feed, milk and monitor their cows’ health. This saves a farm on labor expenses and allows them to maximize the size of their farm with greater efficiency. The technology behind this is sophisticated and essential as dairy cows are milked two to three times per day. Now, what happens if that farm is the target of a ransomware attack due to using a password to the system that has been compromised? That farmer’s milking and feeding system could be entirely locked up until the ransom is paid. For another example, the technology behind a tractor is becoming more and more complex with GPS, driverless technology, and online programs that analyze the crop to determine how much pesticide is needed and where. It’s the perfect opportunity for a cyber criminal as crop and dairy farmers are thinking about their yield, not their cyber risk.
Auto Repair Shop
Mechanics know cars, not necessarily computer networks. They may use risky cybersecurity practices such as having the same Wi-Fi network for employees and the main computer system, outdated IT infrastructure or even low security when it comes to employee login details. There may be other internet-enabled devices connected to the network which an attacker may plant malware, hack into accounts via discovering passwords or eavesdrop on insecure Wi-Fi connections. These all can give a hacker a potential path into the network and could lead to customer files, ransomware attacks or the leaking of other important information.
Contractor
Trimble Viewpoint Blog shares a story about a small construction contractor in Georgia that was a target of a ransomware attack in 2020. The hackers gained access through an employee’s email account, gained administrative access, and began deleting cloud backups and encrypting servers. Thankfully the contractor had cyber insurance to help cover the expenses to get back up and running. While it took a week to get critical services back up, most backups being held for ransom were recovered, so the demands were ignored. While they did avoid paying the ransom due to having onsite backups, other significant expenses were still incurred such as attorney fees, rebuilding computers, reloading desktops, and restoring from data backups and had to rebuild some missing and corrupt data. Even though no ransom payment was made, the entire process of returning to normal was not cheap.
While these are just three examples, every industry is susceptible and a potential target to cybercrime. This makes it important to offer cyber insurance to every commercial client. They will thank you later.