Intermittent encryption: the newest threat to cyber security

As the threat of intermittent encryption emerges, we’ve devoted the second blog of our series to understanding what it is, and how to prevent it.  

Cyber Security Month celebrates its 10th anniversary this year, and we’re all reminded of the common threats businesses face. As experts in the cyber security insurance field, NMU believes in supporting and informing clients to help them stay protected, and informed. Our focus in our latest blog is to highlight the specific risks that ransomware poses to modern businesses, and the latest threat intermittent encryption. To learn more about how phishing scams have evolved, read our previous blog here. 

What is ransomware?

Simply put, ransomware is malicious software that comes with a price tag. It’s put onto your clients’ IT device/system/network by “Threat Actors”, which is the technical term for hackers and cyber criminals. 

Attackers then threaten to publish your clients’ information or block access to their data and systems. Unless they pay a ransom, hence the name. 

How Intermittent Encryption damages your data

Hackers are go-getters, they’re always coming up with innovative new ways to strip clients of their privacy, assets, and data. An emerging ransomware tactic is a scattergun approach, where hackers use “intermittent encryption” to cause maximum damage in as short a time as possible. Victims’ files are only partially affected, so instead of encrypting entire files, they encrypt fragments of files. 

This seemingly random but clinical, calculated approach makes it much more difficult for threat detection tools to recognise an attack. This is due to partially encrypted files looking very similar to unaffected files. The ransom demand could be the first a victim knows of a breach. So, the damage can be stealthy, swift, and brutal.  

The impact of an attack on your clients’ businesses

In August, the National Cyber Security Centre described ransomware as “the biggest online threat to UK organisations”. The impact of a breach can be eye watering. 

The average cost of a ransomware attack on a UK organisation is £961,983 (Sophos) 60% of breaches led to price increases for customers (IBM), potentially making companies less competitive 

Breaches can take a very long time for businesses to recover from, if they can recover at all. In fact, as many as 60% of small businesses who suffer a data breach go out of business within six months. IBM found it took an average of 275 days to identify and contain a breach with extended detection and response tech (XDR), versus 304 days without XDR. This level of disruption can bring a business to its knees. And not only do your clients face disruption, data loss and all the associated costs, they also have to deal with all the admin that goes with it, such as reporting the breach to the ICO. Not to mention the reputational damage. 

How to protect against the rise of intermittent encryption

It’s clear that new techniques being used by cyber criminals, such as intermittent encryption, underline how quickly the cyber threat landscape is developing and why cyber security alone isn’t enough anymore. 

A common misconception is that only large companies are at risk of cyber attacks but the reality of today’s landscape is such that any business can be targeted. Fortunately, there are products to protect businesses of all shapes and sizes. Companies with insurance protection experienced an average £214,405 lower breach losses than companies without (IBM). 

It’s clear all businesses need to take cyber security and insurance seriously. There are lots of steps clients can take to minimise their risk, and remedy any losses caused by an attack.  

Specialists who can help insure and recover your clients’ IT security

At NMU, we don’t just cover policyholders insured losses. We also provide prevention services, breach response, and recovery. So, your clients are supported every step of the way. 

As always, the strongest and weakest links in a business’ armoury is human error and Social Engineering Fraud is still the most frequent in terms of claims volume, so take the time to train and educate your workforce on the signs and how they can individually play a role in preventing a cyber breach from happening. For example, not forgetting to verbally double check bank details for payment requests. 

SMEs are as vulnerable to attack as large corporations, so cyber security is everybody’s business. With CyberSafe, your clients have a simple, robust solution for cyber liabilities, cybercrime, and restorative support. 

Contact us

For more information about our CyberSafe Insurance or our e-trade solution, contact your NMU Development underwriter or our cyber team; 

Cliff White, Underwriter – 07971 923108
John Kellett, Underwriter – 07568 432512
James Holder, Underwriter – 07581 045620
Matt Drinkwater, Cyber & Financial Lines Underwriting Manager – 07748 676262