Insights

Nail Your Communications During a Cyber Event

March 5, 2021

/Cyber Liability

Recently, reports surfaced that the DoppelPaymer ransomware gang targeted Hyundai Motor America and its subsidiary Kia Motors America with ransomware attacks. The car makers’ data was allegedly hijacked and encrypted, and the companies reportedly extorted for the equivalent of $20 million in bitcoin.

Laptop communication web

While Hyundai acknowledged they were experiencing some IT issues, they denied it was a cyber attack, despite news reports to the contrary and social media posts that claimed Kia employees confirmed the incident.

In a statement to BleepingComputer.com, Hyundai said, “At this time, we can confirm that we have no evidence of Hyundai Motor America’s involvement in a ‘ransomware’ attack.”

SecurityWeek.com also reported on the matter and stated that they “checked the website where the DoppelPaymer hackers leak data from victims and post proof that they breached the companies, but at the time of writing, there is no mention of Hyundai or Kia.”

What actually happened remains to be seen, but this story illustrates the importance of a communications strategy as part of your cyber incident response plan (you do have one of those, right?).

As cyber incidents become more common, ransomware is considered the Number 1 threat to businesses. Even so, 50% of information security professionals do not believe they are prepared for a ransomware attack, according to PurpleSec.

So, here are three things to consider as you forge your communications strategy as part of your cyber incident response plan.

Shaping the Narrative

No company wants to admit they were the victim of a data breach, much less one that is holding their entire network hostage, risking both their data and reputation.

While it remains to be seen if Hyundai/Kia was, in fact, the victim of a ransomware attack, when news reports and social media posts are contradicting the official company story, it’s indicative that the company was not taking steps to effectively communicate what was happening right away.

Of course, in the midst of a crisis, even the best communication plan can crumble. Here, it’s important to remember that there’s only one version of the truth and sticking to the facts of what happened will always serve your best interest.

Handling Internal Communications

Your employees are the face of your organization, but never more than in times of crisis. They should be some of the first people to receive information.

When you equip them with key talking points and messages to tell customers, friends, and family reaching out with questions about the cyber event (and give them guidance on where to direct media inquiries), you empower them and reassure them that the company has the situation under control.

Preparing for the Incident

Scribbling a media release on the back of an envelope with a Sharpie after your network has been hacked can go all kinds of wrong. Build a communication plan into your cyber incident response plan ahead of time.

As ransomware attacks become a No. 1 threat to businesses when it comes to cybersecurity, nailing your communications during a crisis can put stakeholders at ease knowing you’ve got it covered.

For more insights like this, check out the Cyber Notebook or get more Cyber Dan insights by subscribing to our YouTube channel.

Cyber Dan Insights: Employee Communications After a Cyber Event

ON-DEMAND WEBINARS

P&C 101: Cyber Liability

This is the fifth in an 8-part webinar series on a wide variety of P&C issues including property, general liability, auto liability, workers’ compensation, captives and risk financing, cyber liability, international and environmental liability.

WATCH NOW »

Related Blog Posts

Was this post helpful?

See all articles by Dan Burke

All views expressed in this article are the author’s own and do not necessarily represent the position of Woodruff-Sawyer & Co.

Dan Burke

Senior Vice President, National Cyber Practice Leader

Editor, Cyber Liability

As National Cyber Practice Leader, Dan drives the strategy to grow our cyber business, such as developing tools to help clients and prospects understand and quantify their cyber exposures, as well as thought leadership. He frequently speaks at industry conferences and has been quoted in various trade magazines and newsletters, including The Wall Street Journal.

415.402.6514

LinkedIn

Dan Burke

Senior Vice President, National Cyber Practice Leader

Editor, Cyber Liability

As National Cyber Practice Leader, Dan drives the strategy to grow our cyber business, such as developing tools to help clients and prospects understand and quantify their cyber exposures, as well as thought leadership. He frequently speaks at industry conferences and has been quoted in various trade magazines and newsletters, including The Wall Street Journal.

415.402.6514

LinkedIn