The New PR Crisis: Ransomware Attacks During COVID-19

Throughout COVID-19, we have seen a variety of threats impact our health and economy, but the pandemic is now allowing for the reemergence of a pre-existing danger that many of us may not prioritize as a true concern – ransomware attacks. This is when hackers will use malware to collect a victim’s data and they will either block access to it or publish it if a ransom payment is not made. 

The first threat of ransomware dates to 1989 with the AIDS Trojan, also known as the PC Cyborg virus, which targeted the healthcare industry. Since that time ransomware attacks have hit crisis levels with millions happening every year. But as more companies, schools and people have moved to remote working and learning during the pandemic, it has allowed hackers to push the boundaries on taking advantage of others, leaving many unprepared on how to respond to the public relations fallout. 

The potential for negative fallout is real and could impact hundreds of companies and organizations if they’re not prepared. A new study by CrowdStrike, a cybersecurity technology company based in California, found that there were more hacking attempts on the company’s clients in the first six months of 2020 than in the entirety of 2019.

Anyone and any business can be a target, but one of the easiest marks for hackers currently are schools – often due to having outdated computer systems.  

With students returning to school in September, for example, attacks have already been made against Hartford public schools in Connecticut and Fairfax County Public Schools in Virginia. A cyberattack on the Newhall School District in California also forced the shutdown of online learning for approximately 6,000 elementary students. 

Whether we understand the full scope of the issue, data breaches are a real threat, but there are ways in which businesses, schools, individuals and others can face ransomware head on. 

How to Avoid Ransomware Attacks: 

• Put a plan in place – There are several steps that can be taken to prevent data breaches, such as making sure computer systems are regularly updated with the latest preventative measures. But the plan should also include a crisis communications strategy for communicating to all relevant stakeholders who could be impacted by the attack, as well as media. A strategy would provide key messaging that is clear and transparent and focuses on what happened, what you are doing and how to prevent it from happening again.  
• Prepare for an attack – Educating yourself, employees and students is an important step in training and preparing for an attack. Preparation should also include speaking with experts in legal, cybersecurity, insurance and other areas to make sure everyone is acting with one goal in mind.  
• Practice an attack – One may not like the idea of a data breach occurring, but it is better to practice what should happen if an attack does occur. Practicing may also include media trainings for executives and spokesperson who would be talking directly with the media or stakeholders.

How to Handle Ransomware Attacks: 

• Treat it as a serious crisis – Hackers are not asking for chump change. The global estimate for ransomware attacks for 2020 is $170 billion, for an average demand of $84,000. In the U.S. along, attacks are estimated at $1.4 billion according to a new Emsisoft report.  
• Take real action, quickly – A plan was established for a reason and following through with the steps of those plans will help you address the issue at hand.  
• Transparency will be key – Employees, customers, stakeholders, students and others who are affected will want to know what is happening. Providing messages that present the issue and the response clearly will be important.  
• Try to show empathy – Displaying empathy to those who are impacted by the data breach will be key. This means understanding the problems they will be facing, such as students not being able to learn during the pandemic.  
• Talk with experts – Speaking with your legal and cybersecurity teams to ensure you are responding the to attack appropriately.
• Track conversations and news – Monitoring what is being said in the news and on social media will be important to understand how people are viewing the ransomware attack and your response. Utilizing social media for example can help you stop, correct and manage the spread of false information. 

Following these recommendations may not stop ransomware attacks, but they can help prevent a crisis from turning into a PR nightmare. 

To learn more on how Xenophon Strategies can assist you in preparing for and responding to cybersecurity threats, please contact us at: https://xenophonstrategies.com/contact or call: 202-289-4001. 

For emergencies, you can also call our Crisis Hotline 24/7: 708-237-6422.