Intermittent encryption: the newest threat to cyber security

ransomware

As the threat of intermittent encryption emerges, we’ve devoted the second blog of our series to understanding what it is, and how to prevent it.  

Cyber Security Month celebrates its 10th anniversary this year, and we’re all reminded of the common threats businesses face. As experts in the cyber security insurance field, NMU believes in supporting and informing clients to help them stay protected, and informed. Our focus in our latest blog is to highlight the specific risks that ransomware poses to modern businesses, and the latest threat intermittent encryption. To learn more about how phishing scams have evolved, read our previous blog here

What is ransomware?

Simply put, ransomware is malicious software that comes with a price tag. It’s put onto your clients’ IT device/system/network by “Threat Actors”, which is the technical term for hackers and cyber criminals. 

Attackers then threaten to publish your clients’ information or block access to their data and systems. Unless they pay a ransom, hence the name. 

How Intermittent Encryption damages your data

Hackers are go-getters, they’re always coming up with innovative new ways to strip clients of their privacy, assets, and data. An emerging ransomware tactic is a scattergun approach, where hackers use “intermittent encryption” to cause maximum damage in as short a time as possible. Victims’ files are only partially affected, so instead of encrypting entire files, they encrypt fragments of files. 

This seemingly random but clinical, calculated approach makes it much more difficult for threat detection tools to recognise an attack. This is due to partially encrypted files looking very similar to unaffected files. The ransom demand could be the first a victim knows of a breach. So, the damage can be stealthy, swift, and brutal.  

The impact of an attack on your clients’ businesses

In August, the National Cyber Security Centre described ransomware as “the biggest online threat to UK organisations”. The impact of a breach can be eye watering. 

  • The average cost of a ransomware attack on a UK organisation is £961,983 (Sophos) 
  • 60% of breaches led to price increases for customers (IBM), potentially making companies less competitive 

Breaches can take a very long time for businesses to recover from, if they can recover at all. In fact, as many as 60% of small businesses who suffer a data breach go out of business within six months. IBM found it took an average of 275 days to identify and contain a breach with extended detection and response tech (XDR), versus 304 days without XDR. This level of disruption can bring a business to its knees. And not only do your clients face disruption, data loss and all the associated costs, they also have to deal with all the admin that goes with it, such as reporting the breach to the ICO. Not to mention the reputational damage. 

How to protect against the rise of intermittent encryption

It’s clear that new techniques being used by cyber criminals, such as intermittent encryption, underline how quickly the cyber threat landscape is developing and why cyber security alone isn’t enough anymore. 

A common misconception is that only large companies are at risk of cyber attacks but the reality of today’s landscape is such that any business can be targeted. Fortunately, there are products to protect businesses of all shapes and sizes. Companies with insurance protection experienced an average £214,405 lower breach losses than companies without (IBM). 

It’s clear all businesses need to take cyber security and insurance seriously. There are lots of steps clients can take to minimise their risk, and remedy any losses caused by an attack.  

Specialists who can help insure and recover your clients’ IT security

At NMU, we don’t just cover policyholders insured losses. We also provide prevention services, breach response, and recovery. So, your clients are supported every step of the way. 

As always, the strongest and weakest links in a business’ armoury is human error and Social Engineering Fraud is still the most frequent in terms of claims volume, so take the time to train and educate your workforce on the signs and how they can individually play a role in preventing a cyber breach from happening. For example, not forgetting to verbally double check bank details for payment requests. 

SMEs are as vulnerable to attack as large corporations, so cyber security is everybody’s business. With CyberSafe, your clients have a simple, robust solution for cyber liabilities, cybercrime, and restorative support. 

Contact us

For more information about our CyberSafe Insurance or our e-trade solution, contact your NMU Development underwriter or our cyber team; 

Cliff White, Underwriter – 07971 923108
John Kellett, Underwriter – 07568 432512
James Holder, Underwriter – 07581 045620
Matt Drinkwater, Cyber & Financial Lines Underwriting Manager – 07748 676262

CLICK HERE TO SIGN UP FOR OUR
FREE BI-WEEKLY NEWSLETTER

About NMU

NMU is an award-winning provider of specialty insurance solutions

We are the first choice for brokers looking for specialty insurance, offering solutions that are not simply off-the-shelf, but built upon a real understanding of the risks faced by policyholders. This, together with our ability to write risks such as storage, installation, construction and exhibitions outside of the UK and offer terrorism cover on overseas property, sets us apart from the competition.

You can count on us, when you need us most! We are NMU

Our team of professionals based across the UK, provides customers with an in-depth product knowledge and a real personal service.

We provide bespoke insurance products that are not simply off-the-shelf solutions, but built upon a real understanding of the risks faced by policyholders as well as offering added value services to benefit our clients.

Our product and services range comprises:

Cargo InsuranceMarine cargo policies cover goods during import and export, including any incidental storage, as well as domestic distribution. Stock throughput polices can cater for all this plus other, intentional storage…read more

Freight Liability InsuranceCovering the liabilities to which hauliers, freight forwarders and warehouse keepers are exposed when they contract to move or store goods owned by others…read more

Engineering InsuranceCovering contractors’ all risks (CAR), erection all risks (EAR) and contractors’ plant; machinery movement (and installation), breakdown and business interruption; deterioration of stock; and electronic risks…read more

Marine Equipment InsuranceCovering remotely-operated and autonomous underwater equipment – ROVs, AUVs and the like…read more

Terrorism and Sabotage InsuranceStandalone terrorism cover can be a more flexible and cost-effective alternative to traditional placement routes…read more

Motorsport InsuranceDesigned for commercial risks, our motorsport policy offers 24/7 cover for teams at all levels across all disciplines…read more

Cyber InsuranceProviding SMEs with a simple, robust solution for cyber liabilities, cybercrime and restorative support…read more

Risk ControlWhilst we pride ourselves on our claims service, there is far more benefit to policyholders in preventing loss and damage in the first place…read more

Online FacilitiesTo complement our award-winning service, we use online facilities to assist NMU policyholders and brokers alike…read more

Claims ManagementWe pride ourselves on prompt and efficient claims management, which is supported by the use of independent surveyors and adjusters to quantify larger losses and to give advice on mitigation measures…read more

Latest video

NMU video: Celebrating 40 years in business

Authored by NMUA lot has changed over the last four decades – the way we work and communicate, the risks we insure, the technology we use to provide the best... click here for more