Whatever your industry may be, if you and your employees are now continuing your business’ operations remotely, be aware of the common cyber-attacks currently being exploited, making Cyber Risk Insurance more important than ever before.
Cybercriminals and hacking groups are exploiting disruption and public fear caused by the current world emergency through a range of phishing/vishing/smishing schemes and malware attacks (e.g. ransomware) which are likely to proliferate as the outbreak intensifies. An explanation of each is listed below:
Phishing attacks can take many forms, but they all share a common goal – getting you to share sensitive information such as login credentials, credit card information, or bank account details.
Voice phishing or vishing is a type of phishing attack that is conducted by phone and often targets users of Voice over IP (VoIP) services like Skype to gain access to private personal and financial information for the purpose of financial reward.
Smishing (SMS phishing) is a type of phishing attack conducted using SMS (Short Message Services) on cell phones. Just like email phishing scams, smishing messages typically include a threat or enticement to click a link or call a number and hand over sensitive information. Sometimes they might suggest you install some security software, which turns out to be malware.
Ransomware is increasingly being used by hackers to extort money from companies. Ransomware is a type of malicious software that takes over your computer and prevents you from accessing files until you pay a ransom. The most common way ransomware enters corporate networks is through email. Often, cybercriminals will include malicious links or attachments in emails that look harmless.
Experts from the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA), warns individuals to remain vigilant for scams related to COVID-19. Cybercriminals may send emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes. Exercise caution in handling any email with a COVID-19-related subject line, attachment, or hyperlink, and be wary of social media pleas, texts, or calls related to COVID-19.
Examples so far include cyber scams by groups impersonating the World Health Organization (WHO) and the US Center for Disease Control (CDC), fraudulent websites advertising antiviral equipment which turns out to be fake, cybercriminals tricking users into stalling malicious COVID-19 related apps resulting in locked devices and requesting ransom payment, and attackers seeking bitcoin funding which they claim is for vaccine research.
We remind everyone to stay diligent and cyber aware. Remember that in Cybersecurity, there is no one size fits all solution. Different organizations have varying technology infrastructures and thus, different potential risks. With cyber risks on the rise, making good risk management decisions make all the difference.
An effective risk management program should establish clear communications and situational awareness about risks. Furthermore, risk management helps identify risks early on so that you may implement the appropriate mitigations to prevent incidents or weaken their impact. Cyber events will still happen to any system, but with the proper coverage, you will be better prepared to deal with them.
If you have any questions or concerns or would like to know if your cyber systems are properly covered, please contact one of our insurance experts at: firstname.lastname@example.org so that we can place the balance in your favor.