- Emergency Consultation Services
- Risk Management Services
- Who We Are
- Our People
- What We Do
- Why We Are Different
- What’s New
- Where We Are
By: Robyn Flegal
As of May 18, 2017, more than 200,000 computers in 150 countries have been hit by a large-scale ransomware attack. Victims of the attack include the British National Health Service, FedEx, and Renault. By exploiting a vulnerability in outdated versions of Microsoft Windows, including Windows XP, the “WannaCry” ransomware encrypts data on devices running unsupported Microsoft software. The data is held hostage until the victim pays a ransom of approximately $300 per device.
While it is not yet clear who is to blame or how this could have been prevented, the costs associated with this attack are much higher than the $300 ransom. Business was lost while devices were encrypted. Experts also believe that businesses running outdated versions of Windows could face liability as a result of this attack. This is because Microsoft offered a security patch for these vulnerabilities in March of 2017, but many users had not yet applied the patch or had not otherwise updated their software. Those affected in Asia and Europe face an increased risk of exposure, as almost 90% of cyber insurance policies are sold within the United States.
To avoid WannaCry and other future cyberattacks, be sure to upgrade your Microsoft systems and regularly install software updates when they become available. If you are running Windows XP or other older versions of Windows, please be aware that Microsoft is offering free security updates via its website.
The Cyber, Data Security, and Privacy practice group attorneys are here to assist you. Please contact Robyn Flegal at [email protected] for more information.