Columbus is buying an insurance policy to protect city computers from data breaches or hackers who threaten to hold the city’s data hostage while demanding a ransom.
City Board of Works members Tuesday approved a contract for a year’s worth of cybersecurity insurance from Axis Surplus Insurance Co. of Chicago.
The contract, for $8,165, provides $1 million worth of cybersecurity protection in the event hackers gain access to the city’s computers or try to demand a ransom for return of the city’s data, said Jamie Brinegar, the city’s finance director.
Brinegar said the gap in the city’s insurance protection, identified by the city’s insurance committee, will be corrected through the purchase of the cybersecurity insurance through Johnson-Witkemper Insurance Services, 305 Washington St.
Seven ransomware attacks have been made on city computer servers since January, Brinegar told board of works members. Each of the incidents was detected by server protections already in place, thwarting off each of the attempts, Brinegar said.
A ransomware attack occurs when malicious software is used in an attempt to infiltrate computer servers, holding the server and its data hostage until a ransom is paid, according to Indiana State Police.
One such attack was successful Nov. 4 in Madison County, resulting in officials paying more than $21,000 in ransom to regain control of their county computer system. Indiana State Police and the Madison County Sheriff’s department are investigating the cyberattack, according to The Associated Press.
Lisa Cannon, director of the Madison County IT Department, told the Associated Press that the ransomware attack affected 600 personal computers and up to 75 servers.
Since then, Madison County has approved contracts for off-site data storage, firewall protection and a backup court computer system, which cost the county $198,180, the Associated Press reported.
In addition to ransomware attacks, Columbus’ cybersecurity insurance policy will protect against a hacker attempting to access city records or to obtain personal information about the city’s estimated 400 full-time and 100 part-time employees, Brinegar said.
Dan Fox, representing Johnson-Witkemper Insurance, explained cybersecurity insurance is a new coverage option that has only emerged in the past five years as cyberattacks have become more prevalent and in the wake of large data breaches such as the one affecting Target stores.
In late 2014 and early 2015, hackers stole credit card data from about 40 million of the company’s shoppers and personal information from more than 70 million of Target’s customers, the Associated Press reported.
While the $1 million in protection might seem to be a large amount, data breaches are expensive, Fox said. If a data breach occurred in the city, officials would need to provide notification to all those affected by the data loss and provide credit monitoring for them, he said.
Part of the insurance company’s coverage provides forensic coverage that would provide the city with information about how the security breach happened and what the city would need to do to prevent it from happening again, he said.
Fox said while the $8,165.15 premium might seem high now, he anticipates premiums will go down as more companies and government agencies begin signing up for cybersecurity coverage.
[sc:pullout-title pullout-title=”About ransomware” ][sc:pullout-text-begin]
Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid, according to the Indiana State Police.
The malicious software can get into a computer system through a downloaded file or a vulnerable area in a network or server. Hackers can install it on computers or smart phones, allowing it to hold the targeted victim’s data hostage, or threatening to leak the data publicly unless a ransom is paid.
Attacks can range from locking the data away from the owner, or encrypting the files to lock them while demanding ransom for the encryption key. Cybersecurity software applications are available to detect ransomware and stop it before it steals or encrypts data.
[sc:pullout-text-end]
