COVID-19 Impact on Cyber Risk

Imagine your company’s network as a sealed bubble as it once was a long time ago.  Information leaks were rare and generally a result of one “traitor” and infiltrators were few and far between.  Fast forward to the IoT (Internet of Things) Era and imagine all of the holes in that bubble that need to be constantly monitored and sealed.  Leaks and infiltrations occur constantly and as a society we have built defenses.  Still, the breaches happen and can be devastating.

Now, imagine that big sealed bubble bursting into many little bubbles caused by many more employees working remotely.  The risk of a breach or cyber-attack is increased exponentially.  How can you possibly implement and enforce the security measures necessary to protect your network and data knowing that your biggest risk is human error and, your humans are now out of site and earshot?  Add to that the devious cyber criminals who are preying on the insecurity of your employees caused by COVID-19.

On April 8th, the U.S. Department of Homeland Security issued a warning that “a growing number of cyber criminals and other malicious groups online are exploiting the COVID-19 outbreak for their own personal gain….The techniques used by attackers prey on people’s appetite for information and curiosity towards the outbreak, with phishing emails and SMS messages using the virus as a lure to trick people into revealing credentials or downloading malicious software.”  [1]  Recently, phishing email impersonating the CDC, WHO and other health authorities present links to information that trick users into downloading and running a malicious application while viewing a coronavirus map loaded from a legitimate online source.

Training your employees to safely work remotely is almost as important as practicing social distancing.  It may not save a human life but it can save your business.   Establish an Incident Response Plan (IRP) to identify the response team, methods to identify and contain incidents and procedures to eradicate the root cause of the attack.

If you already have cyber liability coverage, look into the resources provided by your insurance carrier.  Many carriers include access to preventative training with your annual premium.  Take advantage of this valuable resource.  Visit their web sites, download the cyber risk information.  Read it.  Communicate it to your employees and enforce it the best you can.  Then, know that if prevention fails, you have the response team and coverage in place to minimize the impact of a breach or cyber-attack.

If you don’t have cyber liability coverage, please call your agent for quotes.  The process of completing the application serves as a self-assessment bringing to your attention exposures that put your company at risk.  Next, evaluate the quotes carefully.  No two coverage forms are the same.  Cyber insurance policies offer a wide range of both first party and third party coverages and can be tailor-made to fit your specific needs.

Recent examples of hackers exploiting COVID-19 according to RISKIQ:

4/16/20 Digital Exploitation Highlights [2]

  • Hackers are selling two critical vulnerabilities for the video conferencing software Zoom that would allow someone to hack users and spy on their calls, according to Motherboard. The two flaws are zero-days, and are currently present in Zoom’s Windows and macOS clients, according to the report.
  • Researchers from BitSight found that remote-work users are more likely to have malware on their devices, according to LookingGlass reporting. BitSight found that Trickbot malware was three times more likely and the Mirai botnet was twenty times more likely to be on home office networks than corporate networks. The Trickbot malware has been leveraged in order to deliver Ryuk ransomware to target hospitals, local and state governments, and corporations.
  • Facebook said today it will begin alerting users if they have interacted with harmful misinformation about COVID-19. This effort is a part of a series of new, aggressive steps to combat what health authorities have described as a global “infodemic.”
  • Governments are imposing new digital surveillance tools to track and monitor individuals to slow the pandemic. While many citizens have welcomed tracking technology, some privacy advocates are wary, concerned that governments might not be inclined to unwind such practices after the health emergency has passed, according to the Wall Street Journal.

And this is an update for just one day….

[1] https://www.cisa.gov/news/2020/04/08/uk-and-us-security-agencies-issue-covid-19-cyber-threat-update

[2] https://www.riskiq.com/blog/analyst/covid19-cybercrime-update/

UPDATE Tonry Insurance Group’s Response to COVID-19