Battling the Ransomware Threat

By

Last summer, headlines pushed aside pandemic news with reports that:

image

© Eightshot Studio | stock.adobe.com

“Hackers Demand $75 Million to Unlock Firms Hit by Ransomware Attack.”

“What if Hackers Access My Business System?”

“Don’t Be That Employee: How to Avoid Ransomware Attacks at Home.”

Do these attacks pose a threat to reps, their manufacturers and the customers they both serve? Answers vary, but in general, responses offer cautionary advice on how to navigate what might be a potential minefield.

Preparation is mandatory, according to regular Agency Sales contributor Terry Brock. “Yes, this is something that everyone who uses a computer should be aware of and take certain steps to protect themselves as much as possible. For example, don’t click on a link if there is a slight chance it could lead to malware on your system. Carefully check who is the sender and if that seems reasonable. Knowledge to prevent attacks before they happen is, once again, the best approach.”

MANA Board member John Davis maintains there might be more of a danger to principals than to reps when it comes to ransomware. According to Davis, Paul Davis Automation, Inc., Chardon, Ohio, “If a manufacturer is victimized by ransomware, then yes, that could definitely affect a rep’s line of business as the company would likely be unable to ship products, conduct customer service, etc. We had this happen to one of our principals and it was a nightmare until it was sorted out. As far as rep agencies are concerned though, I don’t think that we have much exposure to the threat. Most ransomware is going after critical data and systems of control, such as ERP systems and important databases. Rep firms usually have neither, especially with the advent of cloud services. That said, if a rep firm is self-hosting all of their infrastructure, they could be a target, but I would imagine that those firms are in the minority.

Cybersecurity Protection

“As far as protection goes, the same rules apply for all cybersecurity. Use good passwords and don’t reuse them. Use a password vault. Don’t click on links in emails if they seem suspicious or are from an unknown sender. Don’t use USB keys that come from unknown sources. Install a good antivirus software and just generally be a healthy bit of paranoid.”

Adding his thoughts to the conversation, Kurt Nelson, CPMR, said “I do not believe that ransomware is a major threat to rep firms at this time but depending how this country handles or mishandles this growing threat, bad actors will learn that this is an opportunity where it is difficult to be caught, and the problem will grow exponentially.”

Nelson, a retired rep who served as the CRM specialist for NEMRA, continued, “Currently, on average there are 160 effective cyberattacks per week in the United States.

“Ransomware is not the only issue reps need to protect themselves from. There are viruses that can bring systems down, malware that can do the same, as well as basic data breaches. It is quite inexpensive for bad actors to target accounts with emails that look like they are from American Express, Visa, UPS, etc., and when opened, the malware infects the company’s system.

Cyber Insurance

“Since some rep firms have a very symbiotic relationship with their manufacturers (their systems are tied to each other, they transmit data back and forth, or even reps having email addresses on the factory system), manufacturers may start demanding that rep firms have a cyber insurance policy in effect as well as certain software that the manufacturer utilizes to protect its systems.

“Insurance and software are the two major lines of defense to this problem. Obviously, employees’ education about suspicious emails is just as important. Most rep firms already carry business interruption insurance, and they already use virus and malware protection software. The aforementioned policy and software products probably do not cover or protect from business extortion issues.”

Nelson advises that there are several cyber insurance carriers in the market, with AIG holding a 22 percent share of the cyber market. “What is great about AIG is that it plans to include cyber coverage in its commercial casualty insurance beginning this year.

“Liberty Mutual carries two types of products; Data Compromise and Cyber One. Data Compromise carries an annual aggregate limit of $50,000 for coverage for expenses resulting from a personal data breach. Cyber One provides third party liability coverage and defense for suits and damages resulting from a data breach.

“HSB cyber insurance covers computer-attacks, cyber extortion, data breach response, misdirected payment fraud, identity recovery, network security liability, electronic media liability, and more.”

He explained that “Cyber insurance rates vary by state, industry, and the amount of coverage that a firm is looking for. As an example, Hiscox Insurance writes policies from as low as $250,000 to $1,000,000.”

According to Nelson, “The second and most important line of defense is antivirus, anti-malware, and ransomware protection software. The best products out there have coverage for all three types of threats — a full disaster recovery software.

Back Up Files

“Another very low-cost consideration is for companies to back up their most important files offline, or through a cloud storage solution. There is a good chance that they can recover the data from the backup from a different machine. This is not a solution by itself, but extra protection.

“There is also a ransomware decryption tool software that you can buy or even get free. Free products may be the way to start with software from Avast or AVG. And, if the threat of ransomware grows, a firm can upgrade as needed.”

He added that some key features to make sure you have in the ransomware software you choose are:

  • Rollback capabilities for successful anti-exploit functionality.
  • Phishing notice in the browser.
  • Mobile device management.
  • Good reporting capabilities.
  • Good anti-phishing capabilities.

Additional cautionary advice was offered by two men with years of experience working with independent manufacturers’ reps in the healthcare industry. Tom Giordano and Henry Soch both served as vice presidents for Philips Medical Systems North America, and both have had experience working from the manufacturer’s side of the desk with independent reps working on the other side.

Impacts All Businesses

When he was asked to gauge the level of concern reps should have for their position regarding ransomware, Giordano said, “Obviously, this is an important consideration in the healthcare industry. I’d be surprised if reps in other industries felt that it might not have much of an impact on their businesses.”

Giordano, a 28-year veteran of Philips Healthcare, retired in 2005 as vice president of marketing, where he was responsible for 240 marketing professionals and several billion dollars in product. Following his retirement from Philips, he joined the adjunct faculty of the graduate business schools of the University of New Haven in Connecticut and the University of Washington in Seattle.

He continued, “For instance, think for a moment if I was a rep and the competition got hold of my price book. That could be very damaging. And, if they hacked into my system to gain information on logistics and supply chain, that could be very damaging.”

Henry Soch, former vice president, Philips Medical Systems North America; a member of the board of advisors, Healthcare at The Center for Innovation Commercialization, LLC; and a retired vice president of Sg2, a Vizient Company, went on to introduce the danger that could be posed by a bad actor gaining access to a rep’s private business information. He cited what he refers to as the “man in the middle actor,” a bad actor who could use a rep’s computer as a gateway to a manufacturer’s computers. “Even though this bad actor may not be physically connected to an organization, he can monitor what you are doing and gain your log-in information. In addition, they’re able to gain access to a manufacturer’s CRM program, which could be a major area of concern.”

Building on Soch’s remarks, Giordano referred to the danger that could be posed by a disgruntled manufacturer or rep employee. “Most people believe that these bad actors do what they do because their motive is to make money; and, that they all come from a foreign country. The fact is there are a number of hackers that actually work within the organizations that are being hacked and they have some sort of mission or political statement they want to make.

“For instance, imagine if an individual worked for rep agency ‘A’ and felt that they’re not being well treated. They move on to rep agency ‘B’ and from there, they are able to gain access to agency ‘A’s information and pass on negative information via social media or other means.

“This has been done on numerous occasions and it’s the perfect opportunity if someone has an ax to grind.”

Changing Passwords

Both men cautioned about the need to frequently change passwords. According to Soch, “As much as companies may encourage their employees to change their passwords often and be sure to use different characters and numbers, most people use the same passwords for all the sites they’re on. And, if it’s compromised in one place, it’s compromised everywhere.”

When he was asked if it was reasonable for independent reps to be on top of all these technology security concerns, Giordano emphasized, “If you’re a one-man operation or a member of a much larger organization, the risk is the same and the steps you should take to protect your information are just as important. This isn’t to say each individual has to be terrifically ‘tech savvy,’ but it is the responsibility of each individual to take the necessary steps to protect their information.”

Looking forward, is this situation going to get better or worse? In response to that question Soch said “As I look at the trends, I see almost a vertical slope showing that it’s going to get worse. It just makes sense that you need good security measures in place, and you must be a good digital citizen in terms of changing passwords and maintaining your anti-virus software systems and having someone check them with regularity.”

Giordano emphasized that education on this subject is a number-one consideration here. “Hackers are going to keep on changing. The more education we can provide how this works and what they need to be careful about is critical.”

MANA welcomes your comments on this article. Write to us at [email protected].

End of article

Jack Foster, president of Foster Communications, Fairfield, Connecticut, has been the editor of Agency Sales magazine for the past 23 years. Over the course of a more than 53-year career in journalism he has covered the communications’ spectrum from public relations to education, daily newspapers and trade publications. In addition to his work with MANA, he also has served as the editor of TED Magazine (NAED’s monthly publication), Electrical Advocate magazine, provided editorial services to NEMRA and MRERF as well as contributing to numerous publications including Electrical Wholesaling magazine and Electrical Marketing newsletter.