Know Thy Enemy

In the constantly shifting landscape of cyber security, it can be difficult to determine friend from foe, and the nature of cyber threats are ever-changing. This article contains a quick overview of some of the most common cyber threats organizations face today.

Ransomware

This threat involves maliciously installed malware that blocks access to data, holding it “hostage” until a ransom is paid to the hacker for its release. Common places to encounter ransomware are either online or as part of phishing attempts that utilize malicious attachments, links, or downloads. Ransomware can also be delivered via more physical methods, such as a compromised USB drive. Practicing safe browsing habits, staying vigilant to phishing attempts, and never plugging in unvetted devices into your machines are excellent ways to avoid ransomware.

Human Error

A common threat to all security is simple human error. It’s an oft heard story – for whatever reason, an employee clicks a bad link or attachment, exposing the organization to cyber risk. One small error, even one made in good faith, can cause costly damage once a data breach has occurred. People are often the last line of defense when it comes to cyber threats, which is why a wary, vigilant, and well-trained team is a crucial element of cyber security.

Social Engineering

This is a primary technique that exploits human error, and can cause otherwise responsible and well-meaning individuals into making mistakes. Effective social engineering manipulates and deceives by putting up a façade of both legitimacy, as well as urgency, which compels victims to act without verifying their actions. Often, simply following up with the source of the request, or running a suspicious request by IT or another qualified staff member can help determine whether or not a request is legitimate. It is a simple step, but one that is often forgotten in the heat of the moment, especially if the request invokes a sense of urgency, as they often do. Social engineering is becoming more and more sophisticated, and is another area in which staff should receive rigorous training.

Hacking

This threat is a direct attack on a system’s defenses in order to gain unauthorized access. Hacking is particularly nefarious in the sense that sophisticated attacks can be difficult to detect. Some hacks can go months before they are discovered, exponentially increasing the devastation of a data breach. Practicing good cyber hygiene, such as procuring safeguards, regularly updating software, and committing to safe web browsing can go a long way to thwart hackers from gaining access.

Vendors

If you utilize cyber vendors for services, it is important to vet them to ensure they are reputable and committed to the highest standards of security and service. Making sure others are adequately protecting your information is just as important as monitoring your own internal safeguards. When selecting a vendor, it is a good idea to find out the extent of their security measures, as well as what their responsibilities will be in the event of a breach.

Unfortunately, these threats are just the tip of the iceberg – as technology becomes more sophisticated, so do the efforts of cyber criminals. But knowing what to look out for is half the battle. Equally important is knowing what to do in the event your organization becomes the target of a cyber attack.

When an attack is discovered, timing is critical. An organization’s initial response can make all the difference between a drawn-out, costly incident and effective mitigation. We recommend completing the following steps as soon as your organization becomes aware of an attack or systems breach:

  1. Assemble your designated cyber response team.
  2. Implement your Emergency Action Plan for cyber incidents.
  3. Contact both your broker and program risk manager. They will provide assistance with:
    1. Notifying your insurance carrier
    2. Notifying law enforcement
    3. Making a claim
    4. Connecting you to other professional resources

Following these steps will effect a comprehensive mitigation and investigation strategy. Involving your broker and risk manager at the outset will also help avoid making mistakes throughout the recovery process, which can lead to additional losses. Until then, we urge members to use caution, good sense, and take advantage of the many resources we have to offer on this topic. For more information about cyber crime, please contact your broker or program risk manager.