Hackers recently used ransomware against a major gasoline pipeline to halt distribution, costing the company millions of dollars and creating chaos across the southeastern United States. A cyber attack on the world’s largest meat producer last month also forced the shutdown of all its U.S. beef plants, wiping out production from facilities that supply almost a quarter of American beef supplies.
Around 37% of organizations worldwide reported they were victims of some form of ransomware attack in 2021, and after the FBI received over 2,000 ransomware complaints in the first half of that year, they reported a 62% increase compared to the year before.
These attacks are compounded by the rise in cyber attacks during the pandemic as a result of an increase in remote workers. According to the Department of Homeland Security, hackers seek out flaws in network securities and target vulnerabilities in virtual private networks and remote work tools/software. We can all learn from the most recent attacks and do a better job protecting ourselves from cyber threats (and protect our assets if a breach did occur).
Here are five trends your clients need to be aware of regarding cyber attacks today:
1. Industrial Organizations are the New Frontline in the Cyber War
Financial services and retail, with the enormous amount of customer data they collect and store, have been on the frontline of cyber attacks for years. Hackers have been preying on these industries to exploit customer data and steal identities. But with the increased use of ransomware, the focus is shifting to larger industrial corporations. Cyber security now needs to be a larger focus for management and a key part of disaster recovery planning, even for companies that don’t see themselves as a likely target.
2. Not All Incidents Are Reported
Officials are seeing that not all victims of cyberattacks want to come forward to report an incident. Would you want to admit to your shareholders that a breach in security caused you to pay out millions in ransom? Exactly. This lack of reporting is preventing governments and law enforcement officials from making more informed decisions and developing the best policies to fight off these attacks.
3. It’s as Simple as an Email
The way these hackers are getting into systems is by using phishing emails as Trojan horses. In most cases, we are letting them walk into the front door by opening an email. According to Megan Steifel of the Global Cyber Alliance, these emails look like they’re coming from an acquaintance and get people’s attention with requests like, “Need you to do this now,” which leads them to click on a link. When someone does that, they’re rerouted to a malicious website where malicious software is downloaded to their computer, allowing hackers access to that computer and the organization’s network. In most cases, hackers surf the network for valuable and necessary data and then hold that data ransom to make a quick buck.
4. Ransomware Often Gets Around Malware Tools
Ransomware evolves and morphs so that there are constantly new strains to identify and block. Fresh strains are so new, even recently-updated anti-malware tools may not be able to identify them yet, and then they’ll evade anti-malware software. To prevent this, businesses are enabling “white-listing” software, which only allows pre-authorized applications to run on computers. When a piece of malware isn’t on a computer’s “whitelist” of applications, the computer doesn’t run it.
5. Hackers Operate from Safe Havens
According to Steifel, hackers often operate from “safe havens,” or countries where governments are unwilling or unable to assist in these types of investigations. Governments working together may choose to sanction these countries, or if they’re cooperative, provide foreign military aid to capture the hackers. For example, the group responsible for the Colonial Pipeline attack, DarkSide, was found to be a Russian group; the Biden administration has since put greater sanctions on Russia.
Regardless of your commercial business function or size, the reality is you are vulnerable and are being targeted. We have entered an era where breaches are often inevitable. It’s critical to have proper Cyber Liability coverage and disaster recovery planning in place.
Jencap has specialized brokers who have dedicated their entire careers to understanding the unique commercial insurance needs of this business segment. Contact a broker today to discuss your clients’ Cyber Liability needs – we are standing by to craft a comprehensive and competitive insurance solution for you.