Protecting Against Ransomware Attacks
Nov. 25, 2020—Mike Anderson, president and owner of Collision Advice, said he personally knows of 13 shops that have been hacked and had their information held for ransom.
He shared this during a recent webinar hosted by the Collision Industry Electronic Commerce Association, which focused on cybersecurity for collision repair shops.
“One [shop] had to pay as much as $30,000,” Anderson said. “None of their IT people could get them out of it, and [the hackers] had to be paid in Bitcoin.”
David Willet, underwriting value creation executive at ProSight Specialty Insurance, warns shops without a cybersecurity policy already in place that if they don’t act soon, they will be left behind and their shop’s information will be left vulnerable.
Anderson and Willet shared firsthand experiences, prevention measures, and items to watch out for to keep your shop, its data, and your customers’ data safe from hackers.
Anderson said the first step in prevention is ensuring your company is partnered with an official IT company.
“Make sure you use a professional company who really knows IT, not just a friend-of-a-friend,” he said.
A second step for shops should be encryption. Willet said encryption, which is done by a reputable IT company, is what keeps personally identifiable information (PII) secure from hackers. PII is among the most vulnerable data because it includes customer information ranging from an individual’s full name and address to their driver’s license number, cell phone number, and even credit card numbers.
“The encryption is what protects the PII,” said Willet. “Even if [hackers] get the PII, they won’t have the key.”
The third piece of the puzzle is making sure your shop has the correct insurance coverage. Willet said ransomware attacks are usually covered under extortion coverage, but he warns that “not all coverage is created equal.” Many policies state that you’re not covered unless you have taken every precaution, Willet said.
But what are these precautions?
One of the most important precautions that can be taken is having separate WiFi for the business and for customers. Anderson also warns that allowing employees to access the business’s WiFi could have consequences.
“Shops also need to be wary of social media,” Anderson said. “Technicians post photos of cars they’re working on and include the license plate or VIN. There needs to be a company-wide policy in regards to all of those things.”
Another precaution Willet recommends is vulnerability testing. Conducted by an IT team, vulnerability testing can identify open ports or higher risk areas where hackers could gain entrance.
Arguably the most important precaution is education. Anderson recommends sitting down with your staff and detailing which sites to avoid and where risks can be minimized.
“When one teammate clicks on a suspicious link, they open up another door,” Anderson said, and that leaves the shop’s information at risk.
Whether you decide to implement training courses, a sample security policy, or a sit-down between shop workers and the IT team, prevention is the first step to avoiding ransomware attacks at your shop.
“After the fact is too late; we need to be having these conversations on the front end,” said Anderson.