November 10, 2016
In September, the FTC hosted a workshop on ransomware, one of the most serious online threats facing people and businesses today — and the most profitable form of malware criminals use. How does ransomware work? Hackers hold your files “hostage”— often encrypting them — then demand payment, typically in bitcoins, for you to get them back.
Missed the workshop? Check out our videos featuring conversations with security researchers, technologists, law enforcers, and business leaders. Want some bite-sized takeaways? Here are some tips to protect your devices from ransomware, and what to do if you’re a victim.
How can I defend against ransomware?
What if I’m a victim of ransomware?
Should I pay the ransom?
Law enforcement doesn’t recommend paying the ransom, although it’s up to you to determine whether the risks and costs of paying are worth the possibility of getting your files back. If you pay the ransom, there’s no guarantee you’ll get your files back. In fact, agreeing to pay signals to criminals that you haven’t backed up your files. Knowing this, they may increase the ransom price — and may delete or deny access to your files anyway. Even if you do get your files back, they may be corrupted. And you might be a target for other scams.
PRIVACY/DATA BREACH CYBER LIABILITY PREMIUM INDICATION FORM
(Completion of this form does not guarantee a contract of insurance. This is for a non-binding “Premium Indication” only. Premiums are subject to change upon full completion of a Cyber Liability Application.)
Name of applicant: ____________________________________________________________
Address of applicant:___________________________________________________________
City: ____________________________ State: ________ Zip: ______________
Telephone: ______________________ Website address: __________________________
General description of operations of applicant:
Number of employees: ______________ Annual revenue: ____________________________
How many electronic records (customers or employees) containing personally identifiable
information are held by the applicant? ________________________________
1. Does the applicant control access to the computer system? Yes No
2. Does the applicant have a firewall? Yes No
3. Does the applicant have a virus protection program in place? Yes No
4. Does the applicant outsource any part of the internal networking/computer
system or internet access to others? Yes No
5. Does the applicant have a person responsible for IT security? Yes No
6. Does the applicant’s hiring process include criminal background checks? Yes No
7. Does the applicant have a written security policy? Yes No
8. Does the applicant test their security or privacy controls? Yes No
9. Has the applicant ever experienced a privacy or data breach? Yes No
10. Does the applicant allow employees to download personal client information
or other confidential information onto laptops or other data files? Yes No
(If yes, is the data encrypted?) Yes No
11. What personal client or employee information is held? (Check all that apply)
Social Security Numbers Driver’s License Numbers
Financial Account Numbers Credit Card Numbers
Personal Health Information Other (please specify) ______________________
12. Has the applicant ever filed a Privacy/Data Breach claim? Yes No
(If “yes”, please note date of incident and provide brief explanation)
I understand that this is a non-binding premium indication for Privacy/Data Breach Cyber Liability coverage. To receive a bindable quote, I/my client must complete the Cyber Liability application.
Applicant or Agent Signature: _____________________________________ Date: _________________
Phone: **Ring, ring, ring**
These days, even our refrigerators are connected to the Internet. Internet-connected devices – including life-saving medical devices, wearable fitness trackers, appliances, and smart thermostats – bring tremendous convenience to our lives, but they are also potential targets for cyber criminals looking to steal consumer information.
Keep your personal information and identity safe from cyber threats by reading privacy policies – make sure you know what information a device or app will collect from you, and research the device manufacturer’s reputation. Also use strong passwords on these devices and perform regular updates to avoid viruses and malware. Check out our Internet of Things Tip Card for more information.