Tag Archives: cyber extortion

4 Ways to Boost Cybersecurity

Cybersecurity threats faced by insurance companies are growing and evolving at an alarming rate. This has been spurred by many factors, including the internet of things (IoT). While the IoT presents opportunities for insurers, it also exposes security gaps. The severity and frequency of cyber-attacks are likely to increase.

Insurers must commit to protecting sensitive customer information in a compliant and reliable way. The cybersecurity threat is huge. It is time for insurance companies to reboot their approaches to cybersecurity.

Common cybersecurity threats facing the insurance industry

Cyber-extortion

Cyber extortion is increasingly becoming a common problem. Some types of ransomware attacks are so effective that victims may be forced to meet the attacker’s demands and pay a hefty ransom to get their systems running again.

Automated threats

Credential cracking, vulnerability scanning, bad bots, credential stuffing and denial of service can potentially shut down a company’s systems quickly.

Identity theft and loss of confidential data

Identity theft may result from system vulnerabilities that lead to data breaches. For instance, files stored on a firm’s local servers may not be protected adequately. Insurers collect and store sensitive personal client information. This information can be particularly valuable for attackers to sell in black markets. They can use it as a tool for fraud, extortion, unauthorized borrowing and many other financial crimes.

Business disruption and reputation damage

Cyber-attacks can seriously disrupt business. For instance, a cyber-attack on Sony Pictures erased its computer infrastructure, including telephone directories, emails, voicemails and business records like contract templates. A malicious attack like this on an insurer could disrupt operations for months.

See also: Cybersecurity for the Insurance Industry

The foundation of any insurance business is policyholder trust. If an insurance company were to suffer a data breach exposing policyholder information or a cyber-attack that renders it unable to conduct normal operations, that trust would be shaken. This, in turn, can lead to reputation damage that may hurt the confidence of investors, consumers, policyholders and rating agencies.

Four tips for boosting security

1. Assess your defense capabilities realistically

Pressure-testing the company’s defenses can determine whether they can repel targeted, high-impact attacks, whether external or internal. The testing includes vulnerability assessment, testing programs, penetration tests and scenario-based testing. Consider hiring a cyber-security firm to test your defenses.

2. Invest in early detection

Insurers need to continually invest and innovate to thwart potential attackers. Early detection is crucial. Otherwise, a cyber-attack can sit undetected for weeks.

Efficient and quick detection and response will help determine the source of the attack, the systems targeted, and its extent and cause. Then, the threat can be neutralized before damage is done. Insurers need to invest in technology. There is a wide range of software solutions that provide near-real-time threat detection.

3. Make cybersecurity everyone’s job

While implementing sophisticated systems will reduce external threats, insurers tend to neglect internal threats such as human error, which could include revealing customer data in response to a convincing phishing email. Cybersecurity awareness among employees can significantly decrease the risk of cyber-attacks resulting from human error.

Alert employees can provide early detection. An Accenture survey found that up to 98% of security breaches that are not detected by a firm’s security team are discovered by employees.

4. Learn from the past and evolve

Effective cybersecurity requires insurers to learn from previous cyber incidents and use the learning to improve planning and technology investments. Solutions include:

  • Upgrading systems: Using last-generation or unpatched security software provides easy fodder for cyber attackers. Speak to your IT consultant about upgrading your systems.
  • Migrating systems to the cloud: The cloud provides users a wide range of compliant and secure storage solutions. Choose a cloud provider that offers the highest possible security.
  • Implementing appropriate security software, protocols, and appliances: This will effectively shield data and systems from automated threats.
  • Establishing a disaster recovery plan: Despite all efforts, systems can be breached. Have a detailed up-to-date plan so that you can respond effectively to any problem, major or minor.

See also: Global Trend Map No. 12: Cybersecurity

Cyber-crooks are relentless and determined. Security is an ongoing battle. You can’t afford to let down your guard for a second. Staying one step ahead of hackers takes constant effort.

Cyber Insurance: Coming of Age in ’17?

2016 was definitely the year of cyber insurance emergence. As large-scale attacks and disclosures of massive data breaches kept recurring, we realized once again that allocating tremendous efforts and resources to your cybersecurity defense does not provide any guarantee you won’t experience an incident.

Executives and security professionals are gradually accepting that it is not a matter of if but a matter of when their organization will be hit by a cyber-attack. With this understanding, many businesses acknowledge cyber insurance as an important tool in the multilayer cybersecurity defense approach and declare it is an essential part of their risk mitigation strategy.

See also: 10 Cyber Security Predictions for 2017

Here are some of my personal predictions for the cyber insurance market this year:

  1. An increasing number of security vendors will provide insurance guarantees. 2016 signaled a new path in the cybersecurity industry as a few emerging startups started to offer cyber insurance coverage of as much as $1 million per organization for customers fully covered by their defense solutions (e.g. SentinelOne and Cymmetria). I expect this trend to intensify through 2017, and well-established vendors will gradually follow to offer a bundle of protection plus insurance.
  2. We will see an increase in the number of insurance companies that will start to offer cybersecurity services. As cyber insurance is emerging and as many new insurance companies are entering the market (currently, approximately 70 insurers offer stand-alone cyber insurance products), there is a race for the best cybersecurity talent to assess the risks and provide pre- and post-breach services such as monitoring, incident response, forensics, etc. In this atmosphere, insurers will acknowledge the revenues they can make from cyber insurance and adjacent security services to their clients, and will (and already do) expand their teams with cybersecurity professionals and tools through aggressive hiring and M&As.
  3. Cyber extortion coverage will take the lead as the most demanded cyber insurance product. Ransomware is exploding across geographies, industries and all sizes of businesses. Following the massive distributed denial of service (DDoS) attacks on Krebs on Security and Dyn, the IoT world is open to a new world of DDoS attacks that no load balancer can mitigate. I expect that cyber extortion will become the biggest problem for organizations and individuals and that it will surpass data breaches as the main threat.
  4. Adoption of advanced tools for risk assessment will increase. There is a high demand for tools that will give insurers an accurate, scalable and affordable risk assessment that will streamline the entire (mainly manual) questionnaire-based risk quantification methodology that is the common practice today.
  5. New regulations will be introduced and will support the expansion of the cyber insurance market. There are high chances that more U.S. states will introduce regulations that support regular internal risk assessments of third-party vendors and enforce security policies on organizations, as suggested by the new NY proposal for the big financial institutions that was released last September.
  6. The penetration rate of cyber insurance among SMBs will be the driving force in the industry. As awareness of cyber-attacks increases among small- and medium-sized businesses, they’ll realize that cyber insurance is an essential security tool, particularly because of their limited cybersecurity resources. I expect to witness higher percentages of the SMB segment that will purchase cyber insurance coverage, leading to an increase in total market size, as current estimates rely on low adoption rates in these segments.
  7. Insurers will introduce personal cyber insurance coverage. As ransomware becomes a threat to any operating system and any device, it is forecasted that it will gradually become a serious problem for individuals, as well, and will lead cyber insurance companies to offer personal cyber insurance coverage.

Cyber insurance is here to stay, and insurers, brokers, business and individuals will benefit as this market continues to evolve. Growth will be sustained mainly in the U.S. market and is highly likely to expand worldwide, especially in the EU as GDPR starts to be effective.

See also: Understand the Nuts and Bolts of Cyber

No matter which part of the IT security eco-system you fit into, you should explore the benefits cyber insurance can bring to you — revenues, financial hedge and cyber peace of mind.

Ransomware: Your Money or Your Data!

Your client, ABC Corp., is going about its business and then gets this message:

[Image: “police” ransomware message]

The above is a typical ransomware message, according to a recent Symantec Security Response report. What’s next? Pay the “ransom” and move on? Ransomware is a type of malware or malicious software that is designed to block access to a computer or computer system until a sum of money is paid. After executing ransomware, cyber criminals will lock down a specific computer or an entire system and then demand a ransom to unlock the system or release the data. This type of cyber crime is becoming more and more common for two reasons:

1. Cyber criminals are becoming increasingly organized and well-funded.

2. A novice hacker can easily purchase ransomware on the black market.

According to the FBI, this type of cyber crime is increasingly targeting companies and government agencies, as well as individuals. The most common way that criminals execute their evil mission is by sending attachments to an individual or various personnel at a company. The busy executive opens the file, sees nothing and continues with his work day. However, once the file has been opened, the malware has been executed, and Pandora’s box has been opened!

Now that the malware has been unleashed, a hacker can take over the company’s computer system or decide to steal or lock up key information. The criminals then make a “ransom” demand on the company. The ransom is usually requested in bitcoins, a digital currency also referred to as crypto-currency that is not backed by any bank or government but can be used on the Internet to trade for goods or services worldwide. One bitcoin is worth about $298 at the moment. Surprisingly, the amounts are generally not exorbitant (sometimes as nominal as $500 to $5,000). The company then has the choice to pay the sum or to hire a forensics expert to attempt to unlock the system.

The best way companies can attempt to guard against such cyber crime attacks is by educating employees on the prevalence and purpose of malware and the danger of opening suspicious attachments. Employees should be advised not to click on unfamiliar attachments and to advise IT in the event they have opened something that they suspect could have contained malware. Organizations should also consider backing up their data OFF the main network so that, if critical data is held hostage, they have a way to access most of what was kidnapped. Best practices also dictate that company systems (as well as individual personal devices) be patched and updated as soon as upgrades are available.
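Two of the controls above, keeping a backup off the main network and being able to tell which files have been held hostage, can be exercised with a small script. The following Python example is added here and is not part of the original article: it records a SHA-256 manifest of a directory at backup time (the point at which you would copy the data to offline storage), then later compares the live copy against that manifest and reports files that are missing, files whose content changed, and the subset of changed files whose byte entropy is high enough to suggest they were encrypted rather than edited. All file names and contents are constructed sample data, and the 7.5 bits-per-byte threshold is an assumed cut-off.

```python
import hashlib
import math
import os
import tempfile
from pathlib import Path

# Assumed cut-off: text and ordinary office data sit well below this value,
# while encrypted or random bytes approach 8.0 bits per byte.
ENTROPY_THRESHOLD = 7.5


def sha256_file(path: Path) -> str:
    """Hex SHA-256 of a file, read in chunks so large files are not loaded whole."""
    h = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map each file under root (relative POSIX path) to its SHA-256.

    Run this at backup time and store the result together with the off-network copy.
    """
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): sha256_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input, 8.0 for uniform bytes)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


def verify_against_manifest(root: Path, manifest: dict,
                            threshold: float = ENTROPY_THRESHOLD) -> dict:
    """Compare the live tree with a stored manifest.

    Returns sorted lists: files that are gone, files whose hash changed, and the
    subset of changed files whose content now looks encrypted.
    """
    root = Path(root)
    report = {"missing": [], "modified": [], "likely_encrypted": [], "intact": []}
    for rel, digest in sorted(manifest.items()):
        path = root / rel
        if not path.is_file():
            report["missing"].append(rel)
            continue
        if sha256_file(path) == digest:
            report["intact"].append(rel)
            continue
        report["modified"].append(rel)
        # A normal edit keeps ordinary entropy; an encrypted replacement does not.
        if shannon_entropy(path.read_bytes()) >= threshold:
            report["likely_encrypted"].append(rel)
    return report


def demo() -> dict:
    """Constructed scenario: take a manifest, then alter the live copy three ways."""
    with tempfile.TemporaryDirectory() as tmp:
        live = Path(tmp) / "live"
        live.mkdir()
        (live / "policies.csv").write_text("policy_id,holder\n1,Example Holder\n" * 50)
        (live / "notes.txt").write_text("renewal reminders\n" * 20)
        (live / "readme.txt").write_text("keep this file\n")
        manifest = build_manifest(live)

        # Constructed incident: one file replaced by random bytes (standing in for
        # encrypted content), one deleted, one edited normally by a user.
        (live / "policies.csv").write_bytes(os.urandom(4096))
        (live / "notes.txt").unlink()
        (live / "readme.txt").write_text("keep this file\nupdated\n")

        return verify_against_manifest(live, manifest)


if __name__ == "__main__":
    for key, files in demo().items():
        print(f"{key}: {files}")
```

The manifest comparison is the authoritative check; the entropy score is only a triage hint, because legitimately compressed or already-encrypted files (archives, images, encrypted documents) also score near 8.0 and would be listed as modified-and-high-entropy after any normal change. The manifest and the backup it describes must live on storage the affected network cannot write to, otherwise both can be altered along with the live data.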

Finally, in the event you are a victim of a ransom attack, you would need to evaluate whether it constitutes a data breach incident. If the data hijacked is encrypted, notification is likely not necessary (as the data would be unreadable by the hacker). However, if the data was not encrypted, or you cannot prove to the authorities that it was, notification to clients or individuals is likely necessary.

Takeaway

Cyber extortion is more prevalent than most people realize because such events are not generally publicly reported. To protect against this risk, we recommend that companies employ best practices with respect to cyber security and that they consider purchasing a well-tailored cyber policy that contains cyber extortion coverage. Such coverage would provide assistance in the event a cyber extortion threat is made against the company, as well as finance the ransom amount in the event a payment is made.