Malware attacks

Lindsey Nelson, CFC Underwriting:

Ransomware has evolved significantly over the last several years, but 2020 is showing us the emergence of one worrying trend when it comes to these attacks. As part of these events, we’re increasingly seeing criminals steal confidential information – and then threaten to release it – if ransomware demands aren’t paid. They’re also conducting more due diligence to determine the maximum amount an organisation can afford to pay to determine how much they try to extort. So, where ransomware was typically associated as being a business interruption or system damage concern, it’s now increasingly becoming a privacy concern, triggering notification obligations to customers and key stakeholders.

The coronavirus pandemic has sparked an increase in remote work. What advice should brokers be passing to clients about mitigating cyber risks among work-from-home employees?

Tom Draper, Gallagher: With much of the UK workforce working from home, organisations of all sizes have seen a marked increase in phishing attacks in particular, with cybercriminals exploiting the pandemic to try and trick victims into opening infected attachments and links, or to enter their credentials via email. The emails can be very deceptive, and may appear to be sent from a trusted source or familiar brand – often asking recipients to open a link to a new company policy related to the COVID-19 pandemic.

Additionally, the increase in videoconferencing, remote access, and virtual private network (VPN) services in the home are also expanding the attack surface that cyber criminals can exploit to gain entry into a corporate network.

To minimise the risks of employees falling victim to cyberattacks when working remotely, brokers should emphasise to their clients the importance of prioritising security protocols. A good starting point for businesses is to create a remote working policy to manage the risks, including guidance on storing devices securely and creating and maintaining strong passwords.

They should also provide guidance on how to spot unusual or potentially malicious email activity – including emails asking recipients to transfer money. When in doubt, it’s always best to pick up the phone and speak to the sender directly, rather than conducting all correspondence over email, to verify the requests are authentic.

Lindsey Nelson, CFC Underwriting:

This new era of home-working couldn’t be a better situation for cybercriminals. Employees are working on potentially insecure devices and businesses may not have implemented any additional training to help them spot potential scams.

With that in mind, there are three main areas that brokers should look to cover when speaking to clients about cyber during this time: remote log-in capabilities and security (like multi-factor authentication (MFA)), employee training on phishing scams and securing personal devices, and incident preparedness.

A few questions might be: was the client able to switch to working remotely with minimum disruption, or were they having to implement new and untested methods to access the office remotely? Are most software and services being used cloud-based, or are they having to look at a potential migration? Do they still have any legacy systems in the office? Do they have an incident response or business continuity plan, and have they discussed how they would carry out that plan remotely?

The rapid increase in cyber claims is by no means just a COVID-19 issue – claims were already well on the rise prior to the current landscape. However, since countries around the world went into lockdown, the types of incidents that our cyber claims team is dealing with show that while there hasn’t yet
