Switching on to cyber risk Liam Pomfret, AIG's Head of Cyber & Professional Indemnity, Asia Pacific, talks to Covernote about the growing cyber threat in New Zealand, and the role brokers can play in protecting companies. Are cyber attacks on the increase in New Zealand?
What kind of vulnerability leads to cyber-attacks?
If you read the media, it points towards that. From AIG’s perspective, our cyber claim count in New Zealand has been increasing each year, as it has in other regions where we operate. Importantly, our claims data shows that the severity of attacks is also increasing, with many claims coming from ransomware attacks.
AIG has managed cyber claims around the world for more than 20 years. Regardless of location, we have observed common vulnerabilities when conducting root cause analysis. This currently includes:
Who are the perpetrators of these attacks? Attribution of an attack is often difficult given the anonymity available across the internet. Indicators of compromise can be investigated but attackers can obfuscate their real identity by spoofing IP addresses or domains. Given the cross-border nature of cyberattacks, it is difficult for law enforcement to hunt down attackers if they are based outside local jurisdictions. 8
December 2021
•
Lack of MFA (Multi-Factor Authentication) and RDP ports exposed to the internet (Remote Desktop Protocol). MFA requires users to provide two or more verification factors to gain access to various systems, thus making it harder for attackers to gain entry. RDP enables remote connection to corporate networks. Much of the world would have enabled employees to access company data work while working from home. Attackers can gain a foothold into company networks if the connection between the
