How to Prevent Ransomware Attacks
Nov. 10, 2020—Mike Anderson, president and owner of Collision Advice, said he personally knows of 13 shops that have been hacked and had their information held for ransom.
He shared this during a webinar hosted by the Collision Industry Electronic Commerce Association. The event focused on cybersecurity among collision repair shops.
“One [shop] had to pay as much as $30,000,” Anderson said. “None of their IT people could get them out of it, and they had to be paid in Bitcoin.”
David Willet, underwriting value creation executive at ProSight Specialty Insurance, warns that shops without a cybersecurity policy already in place will be left behind, with their information left vulnerable, if they don’t act soon.
Anderson and Willet shared firsthand experience, prevention measures, and items to watch out for to keep your shop, its data, and your customers’ data safe from hackers.
Anderson says the first step in prevention is ensuring your company is partnered with an official IT company.
“Make sure you use a professional company who really knows IT, not just a friend-of-a-friend,” he said.
A second step for shops should be encryption. Willet says encryption, which is done by a reputable IT company, is what keeps personally identifiable information (PII) secure from hackers. PII is among the most vulnerable data because it includes customer information ranging from an individual’s full name and address to their driver’s license number, cell phone number, and even credit card numbers.
“The encryption is what protects the PII,” said Willet. “Even if [hackers] get the PII, they won’t have the key.”
The third piece of the puzzle is making sure your shop has the correct coverage. Willet says ransomware attacks are usually covered under extortion coverage, but he warns that “not all coverage is created equal.” Many policies state that you’re not covered unless you have taken every precaution, Willet says.
But what are these precautions?
One of the most important precautions that can be taken is having separate WiFi for the business and for customers. Anderson also warns that allowing employees to access the business’s WiFi could have consequences.
“Shops also need to be wary of social media,” Anderson said. “Technicians post photos of cars they’re working on and include the license plate or VIN. There needs to be a company-wide policy in regards to all of those things.”
Another precaution Willet recommends is vulnerability testing. Conducted by an IT team, vulnerability testing can identify open ports or higher-risk areas where hackers could gain entrance.
Arguably the most important precaution is education. Anderson recommends sitting down with your staff and detailing which sites to avoid and where risks can be minimized.
“When one teammate clicks on a suspicious link, they open up another door,” Anderson said, which leaves the shop’s information at risk.
Whether you decide to implement training courses, a sample security policy, or a sit-down between shop workers and the IT team, prevention is the first step to avoiding ransomware attacks in your shop.
“After-the-fact is too late; we need to be having these conversations on the front end,” said Anderson.