author photo
By Bruce Sussman
Mon | Nov 30, 2020 | 7:15 AM PST

What can attackers do with only a few days of access to your corporate network? 

They can cause you to revise your earnings downward and cut into your organization's free cashflow.

A large provider of IT services in the EU is the latest example that cyber risk is business risk.

Sopra Steria IT company hit with Ryuk ransomware

Like too many organizations around the globe, the French IT company is remediating a Ryuk ransomware attack. From the latest company update:

"On 21 October, Sopra Steria announced it had detected a cyberattack using a previously unknown version of the Ryuk ransomware.

This attack was rapidly blocked thanks to in-house IT and cybersecurity teams. The measures implemented immediately made it possible to contain the virus to only a limited part of the Group's infrastructure and to protect its customers and partners."

The company says the attack impacted workstations, R&D and production servers, and in-house tools and applications. Customer connections which were severed during incident response have also been gradually restored.

And the costs are mounting.

Ryuk ransomware recovery could cost $60 million

In its latest update, Sopra Steria says recovering from the attack is expensive enough that it needed to warn investors:

"The remediation and differing levels of unavailability of the various systems since 21 October is expected to have a gross negative impact on the operating margin of between €40 million and €50 million. The Group's insurance coverage for cyber risks totals €30 million.

After including the items mentioned above, for financial year 2020 Sopra Steria expects to see negative organic revenue growth of between 4.5% and 5.0% (previously 'between -2% and -4%'), an operating margin on business activity of around 6.5% (previously 'between 6% and 7%'), and free cash flow of between €50 million and €100 million (previously 'between €80m and €120m')."

Without insurance, these numbers for investors would have been even worse.

Does your organization have cyber insurance?

Cyber attorney Shawn Tuma of Spencer Fane says your organization not only needs to have a specific cyber insurance policy, but also that business and security leaders need to evaluate and understand it.

"It seems like companies are starting to get it that they need cyber insurance and they're buying cyber insurance. The next step, though, is to make sure they're getting the appropriate insurance and to make sure it does cover their organization's unique risks. And what I would also say: the old assumption is if you don't know you have the right cyber insurance, you probably don't."

He suggests using an insurance broker to shop for cyber insurance policies because they vary significantly based on which company issues the policy.

Tags: Ransomware,
Comments