Over the past couple of years, there has been an increase in the number of cyber attacks that employers and individuals alike have had to work around. This trend is expected to accelerate, especially in the wake of the COVID-19 pandemic, when employees shifted to remote work; as a result, many employers are going to great lengths to create comprehensive risk management policies to protect their businesses.

We have seen that cyber insurers have been enjoying a profitable run for several years but are now facing a changed risk landscape with data breaches, ransomware attacks, insurance claims and overall threat awareness increasing. As an example, over 50% of security leaders in the United Kingdom and Ireland say their organizations experienced some form of cyber-attack in 2020 and more than 60% are concerned that they are at risk of attack this year, rising to almost 90% in the largest organizations.

In terms of threats to organizations, security leaders tend to reflect the mood of the past 12 months, with 46% saying ransomware was the biggest threat they faced. Other sources of concern were cloud account compromises (39%), insider threats (33%) and phishing (30%). Less than 25% said they were worried about business email compromise (BEC), which is now one of the most expensive threats globally, with losses exceeding $25bn in the past three years alone. The survey also revealed the biggest sources of risk in the eyes of security professionals, with 55% saying human error and lack of basic security awareness was the biggest risk they faced, largely because even the most advanced security tools are rendered powerless against them.

 

The Effects of the Cyber Threats

This increase in security breaches has increased cyber insurance premiums; the frequency and severity of ransomware attacks have escalated, as have data breaches and kidnaps in the health care industry in particular. According to CoveWare, the average ransom payment increased to $84,116 in the fourth quarter of 2019, up 104% from $41,198 in the third quarter. Based on data collected by the National Association of Insurance Commissioners (NAIC), AM Best reports that direct premiums written in the admitted U.S. cyber insurance market grew by 11% year over year in 2019 to $2.25 billion; however, the rate of growth slowed from the previous year, marking the fourth straight year of this slowing trend. Before the pandemic, cyber insurance rates were increasing by 4% to 5%. With COVID-19, AM Best said it expects momentum for rate increases to continue. The report also warns that the pandemic may be compounding cyber risk and that insurers should reconsider their stress testing to acknowledge the similarities between a pandemic and a cyber-attack.

 

Why are the cyber-attacks happening?

With the increase in cybersecurity incidents, it is important to investigate why this could be happening. A possible explanation is the transition to working from home in response to the COVID-19 pandemic. We can see this by looking at the cyber security-related claims and events reported by employers. Coalition found that cyber-attacks have increased in number and severity since the onset of the COVID-19 pandemic. The changes organizations implemented to facilitate remote work have given cybercriminals new opportunities to launch unprecedented campaigns, exploiting mass uncertainty and fear.

Since the beginning of COVID-19, Coalition observed a 47% increase in the severity of ransomware attacks, on top of a 100% increase in frequency from 2019 to Q1 2020. Coalition also found that newer strains of ransomware have been particularly malicious, with costly ransom demands and criminal actors threatening to expose an organization’s data if the organization doesn’t pay the ransom demand. Coalition’s findings indicate that ransomware (41%), funds transfer loss (27%), and business email compromise incidents (19%) were the most frequent types of loss — accounting for 87% of reported incidents and 84% of claims payouts in the first half of 2020. Digging deeper into what ultimately caused these claims, Coalition found that:

  • Due to the transition to remote work, exploitation of remote access was the root cause of reported ransomware incidents
  • Email intrusion, invoice manipulation, and domain spoofing were the most common attack techniques for funds transfer fraud incidents
  • Organizations that use Microsoft Outlook for email were more than three times as likely to experience a business email compromise as compared to organizations that use Google Gmail


What Can You Do To Prevent Cyber Security Risks?

Due to work-life balance and other business considerations relating to COVID-19, employees are working from home more than ever before. While remote work may offer benefits to both the employee and employer, there are potential cybersecurity risks when employees work from locations outside of the office. To help minimize these risks, consider these precautions:

  • Use a Virtual Private Network (VPN), not Remote Desktop Protocol (RDP). The use of a VPN is a fundamental safeguard when users access the company’s network via their home WiFi. A VPN allows for encryption of data, which adds a level of protection for information such as passwords, credit card numbers and other sensitive or protected private information.
  • Implement Multifactor Authentication (MFA). The basic principle of MFA is that an authorized user must provide more than one method of validating their identity. Even if a cyber attacker has obtained a user ID and password, MFA decreases the risk that an attacker can gain access by requiring an additional means of validation.
  • Prevent unauthorized users on company resources (e.g., laptops, mobile devices). Employees should not allow anyone to access company resources, including family members. Whenever possible, use a private location if you are on a call or in a meeting that involves sensitive information, such as anything HIPAA-related.
  • Use only company-authorized devices for remote work. Personal devices may not have the same level of security and privacy protections as company devices. If your company has a “Bring Your Own Device” policy, be sure that your use of a personal device is in accordance with that policy. This includes home printers and personal email accounts.

 

Sources:

  • https://www.computerweekly.com/news/252495162/Two-thirds-of-CISOs-say-theyll-be-cyber-attack-victims-this-year
  • https://www.travelers.com/resources/cyber-security/cybersecurity-for-employees-working-from-home
  • https://www.securitymagazine.com/articles/93322-cybersecurity-claims-trends-amid-COVID-19
  • https://www.insurancejournal.com/news/national/2020/07/22/576507.htm
