Business Insurance
Personal Insurance
With 350,000 new malicious programmes being discovered every day (What is Malware and How Does Malware Work | Axians UK), there’s been a big spike in cyber crime and as a result we’re seeing an increase in cyber insurance claims.
In no particular order, we’ve pulled together a list of the most common cyber-attacks people claim for.
1. Ransomware attacks
Ransomware is the most common cyber insurance claim (https://www.getastra.com/blog/security-audit/cyber-insurance-claims-statistics/). Ransomware is a type of malware that a threat actor uses to encrypts your files, so you are unable to access your device and the data stored on it. Once they have access to your system, they (threat actors) can sit dormant for months before they decide to encrypt your files. During this time, they are watching what you’re doing on your device and collecting data, waiting for the right time to strike before demanding a ransom in exchange for decryption or threaten to leak the stolen data.
Ransomware can gain access to your business in several ways, including:
In September 2023, two of the world’s largest casino-hotel companies, MGM Resorts and Caesars Entertainment, fell victim to ransomware attacks by way of social engineering (https://www.forbes.com/sites/suzannerowankelleher/2023/09/14/2-casino-ransomware-attacks-caesars-mgm/?sh=3b17b826402d). Caesars Entertainment paid the $30 million ransom demand (https://cybernews.com/security/caesars-palace-mgm-ransomware-attack-confirmed).
2. CEO/Friday fraud (funds transfer fraud)
CEO fraud (or Friday fraud) is a type of attack in which a cyber criminal impersonates an employee with the power to ask employees to make payments. This could be a CEO, CFO, Head of HR, etc. The email will usually contain an invoice from a supplier which contains new account details.
An employee in accounts receives a seemingly genuine email from the boss or a known customer at the last minute requesting urgent payment of an invoice.
3. Cloud hacking
With the rising popularity of cloud storage tools and applications, cloud hacking has become a very common threat in the industry. Cloud hacking attacks can take many forms, such as brute-force attacks, phishing, and credential stuffing.
There are many ways cloud hacking can happen. For example, a disgruntled former employee, or other threat actor, accesses a business’s critical data held in cloud storage and takes control. They may hold this data for ransom or threaten to leak it if their demands are not met.
4. Vishing and quishing
Vishing scams are when scammers will impersonate a legitimate source in an attempt to extort money.
An example of a vishing scam is a call from the “bank” stating that your account has been compromised and that immediate action is required. Usually, this action includes transferring bank details and security information to the threat actor.
A new scam known as ‘quishing’ is gaining momentum. The scam can happen both online and in the real world, where QR codes are manipulated to divert traffic to a malicious site for theft of funds or valuable data.
5. Dependent Business Interruption loss
A third party service provider goes down unexpectedly as a result of a ‘cyber event’, meaning that the insured is unable to work as they lose access to their computer networks.
6. Lost data
A USB containing unencrypted sensitive data is lost. The loss of such data requires notification to the ICO and affected individuals.
Loss of paper files can also be a ‘data breach’. Some robust cyber insurance coverage may include loss of hard/paper copies of data.
7. DoS Attack (denial-of-service)
A denial-of-service attack is when a threat actor attempts to disrupt a computer or other device’s normal functioning and make the device inaccessible to users.
During this malicious attack, the threat actor overwhelms a website with traffic, resulting in the website, and/or sales, going down. They typically do this during a busy sales period, preventing the insured from being able to trade. Sometimes a ransom is attached to cease action.
8. Rogue employee
A rogue employee is a member of staff who harms their company by engaging in illicit activity, e.g., a worker collects sensitive and confidential data over time with a view to selling. As part of General Data Protection Regulation (GDPR), all organisations must report data breaches to the Information Commissioner’s Office (ICO) and individuals impacted by the data breach. This opens a door for individuals to seek financial compensation as a result.
Rogue employees tend to fall into one of three categories:
Case study: In 2013, a disgruntled IT auditor employed by Morrisons collected the payroll data of Morrisons’ entire workforce and uploaded it to a file sharing website (https://www.taylorwessing.com/en/global-data-hub/2021/june---data-breaches/the-insider-threat---rogue-employees-and-data-breaches ).
Consequences of a cyber-attack
Following a cyber event, there are a few additional costs which may be incurred that you might not immediately consider, such as:
Cyber insurance with Ethos Broking
If you have any questions about protecting your business against a cyber-attack, please contact your local Ethos Broking office and the team will be happy to help.