PHONE 800-258-3190
Email info@associatedbrc.com
www.associatedbrc.com
Associated Benefits and Risk Consulting - Cyber Liability

The question is not if your company will experience a cyberattack, but when.

As the number of cyberattacks increase across all industry segments, so does the importance of cybersecurity for all businesses — regardless of size or reliance on technology. A breach can result from a variety of factors, including attacks on networks, employee negligence, malware-infected emails or social engineering scams. You can be left paying thousands of dollars.

Cyber Liability coverage protection can extend beyond standard liability coverage from cyber-related lawsuits. There are a variety of coverage options available for organizations of all types and sizes. These solutions can include reimbursements for loss of income, notification costs, cyber extortion/ransomware, network security, third-party interruptions, regulatory defense costs and more.

To help ensure you have the right coverage we offer the following:

  • Proprietary risk and exposure analysis
  • Benchmarking analytics
  • Contract review
  • On-staff law degreed compliance specialist
  • Claims advocacy
  • Placement and program analysis
Associated Benefits and Risk Consulting – Cyber Risk Survey

CYBER RISK SCORECARD

Identify where you may have gaps.

Cybercrime is constantly evolving and cybersecurity is hard-pressed to keep up. You’ve taken steps to protect your business against cyber threats, but your best efforts may not be enough. Take the Cyber Risk Scorecard survey to see where your business excels and where you face exposure.


 
Associated Benefits and Risk Consulting – Cyber Threat Intelligence Highlights

THREAT INTELLIGENCE HIGHLIGHTS

Threat Intelligence highlights: Wire transfer requests top the list of business email compromise (BEC) objectives

Tuesday, October 23, 2018 - Jake Omann, CIC, CPCU

Threat Intelligence highlights: Wire transfer requests top the list of business email compromise (BEC) objectives

Tuesday, October 23, 2018 - Jake Omann, CIC, CPCU

Wire transfer requests top the list of business email compromise (BEC) objectives, according to a study by Barracuda Networks. Additional objectives laid out by the report include duping users into clicking on malicious links, establishing rapport and stealing information, with the end goal of extorting millions of dollars from unsuspecting companies:

  • Criminals use BEC attacks to obtain access to a business email account and imitate the owner's identity in order to defraud the company and its employees, customers or partners. In most cases, scammers focus efforts on employees with access to company finances or payroll data and other personally identifiable information.

  • In many cases, attackers pretending to be the CEO, CFO or another c-level executive send an email requesting an immediate wire transfer.

  • In 2016, Trend Micro reported that the average BEC attack netted $140,000 in illicit profits.

  • Last month, the FBI's Internet Crime Complaint Center (IC3), reported 41,058 total U.S. victims of BEC schemes collectively lost at least $2.9 billion between October 2013 and May 2018 while global losses were more than four times that amount.

  • Unfortunately, the BEC cycle doesn't always end with a fraudulent wire transfer. Once an account has been compromised, criminals can leverage access to send phishing and other BEC messaging to the address book of the compromised account.

Source: Bank Info Security

Self-described as "The World's Favorite Airline," British Airways has confirmed a data breach that exposed personal details and credit-card numbers of up to 380,000 customers and lasted for more than two weeks. The airline has been calling it data theft, rather than a breach, which could indicate someone with inside access may have stolen the information. 

Threat management group RiskIQ determined the attack was perpetrated by MageCart, a group known for compromising other websites including Ticketmaster and Feedify. Similar to a physical credit card skimmer at an ATM, MageCart injects a malicious script onto a website’s payment page to skim credit card details from consumers:

  • In a statement released by British Airways, customers booking flights on its website ba.com and the British Airways mobile app between August 21 and September 5, 2018 were compromised.

  • The airline advised customers who made bookings during that 15 days period and believe they may have been affected by this incident to "contact their banks or credit card providers and follow their recommended advice."

  • British Airways stated on its Twitter account that personal details stolen in the breach included their customers' names and addresses, along with their financial information, but the company assured its customers that the hackers did not get away with their passport numbers or travel details.

  • The company also said that saved cards on its website and mobile app were not compromised in the breach. Only cards that had been used to make booking payments during the affected period were stolen.

Sources: The Hacker News and Bleeping Computer

A Fortune 500 Company recently found itself infected with a cryptocurrency miner using EternalBlue. 

WannaCry, which infected upwards of 300,000 computers worldwide in May 2017, was potent because it used an exploit called EternalBlue that had been stolen or leaked from the U.S. National Security Agency.

The exploit took advantage of a Windows vulnerability, designated CVE-2017-0144, in Microsoft's Server Message Block protocol, which remained widely unpatched when WannaCry hit:

  • Called WannaMine, it successfully stung a large company via EternalBlue. WannaMine mines for monero, a privacy-focused virtual currency that can still be mined using off-the-shelf hardware.

  • The victim was one of the 500 largest U.S. corporationsbased on total revenue, and it was noted that WannaMine infected dozens of the company's domain controllers as well as about 2,000 of its endpoints.

  • The unnamed company's problems began when attackers found a server that was still vulnerable to the EternalBlue exploit.

  • Despite being discovered more than a year ago, WannaMine's infrastructure is still intact, noting that some of the IP addresses associated with the mining activity remain active.

Source: Bank Info Security

Government Payment Service Inc. has leaked more than 14 million customer records dating back at least six years, including names, addresses, phone numbers and the last four digits of the payer’s credit card.

  • Indianapolis-based GovPayNet, doing business online as GovPayNow.com, is used by approximately 2,300 government agencies in 35 states to accept online payments for everything from traffic citations and licensing fees to bail payments and court-ordered fines.

  • GovPayNow.com displays an online receipt when citizens use it to settle fees and fines via the site. Until this past September, it was possible to view millions of customer records simply by altering digits in the Web address displayed by each receipt.

  • The company addressed the issue after being notified by a security journalist of the leak.

Source: Krebs on Security

Scan4You, a notorious cornerstone of the cybercrime-as-a-service economy that allowed malware developers to easily create code to bypass anti-virus defenses, has been dismantled and its Latvian technical administrator has been sent to prison.

While this is welcome news, in reality, it’s no more than a temporary reprieve; demand remains high and cyber criminals will look to set up an alternative to take its place:

  • Ruslans Bondars, 38, a Latvian "non-citizen," meaning a citizen of the former USSR, was sentenced to serve 14 years in U.S. federal prison. He'd been residing in Riga, Latvia, until his arrest in April 2017 and extradition to the U.S. to face a four-count indictment.

  • Bondars was charged with running Scan4You, an online service designed to counter anti-virus software that the U.S. Justice Department says had at least 30,000 users who collectively committed at least $20.5 billion in fraud.

  • Bondars' partner in crime, Moscow-based Jurijs Martisevs, a Latvian citizen - and according to some reports, also a citizen of Russia - was also arrested in April 2017, when he was visiting Latvia, and extradited to the U.S.

  • Scan4You operated from 2009 until at least October 12, 2016 and functioned like an illicit version of VirusTotal, allowing users to see if their malicious code might get flagged as such by AV engines.

  • Unlike VirusTotal, Scan4You anonymized uploads and never shared samples.

  • Court documents suggest that one Scan4You user hacked Target. The Department of Justice said that in the case of a "major retail store located in the United States," the service had been used to test malware.

Source: Bank Info Security

For more information about cyber risks or related issues, please contact us.

Comments (0) Number of views (1007)

Jake Omann, CIC, CPCU

Jake Omann, CIC, CPCU

Jake Omann specializes in providing clients with risk management and executive risk services that cover their liabilities as a corporation, as well as the personal liabilities of their directors and officers. He started his career over 10 years ago in sales at a multinational financial services co

Full biography

Full biography

Jake Omann specializes in providing clients with risk management and executive risk services that cover their liabilities as a corporation, as well as the personal liabilities of their directors and officers. He started his career over 10 years ago in sales at a multinational financial services corporation before beginning his broker career in managing executive risk programs for Fortune 500 companies. Jake currently sits on the board for ACES for Kids.

x

Employees remain the “weakest link” in cybersecurity

Whether by accident or on purpose, employees are often the root cause of successful cyberattacks. Accidental publication of confidential...

Downtime is the biggest cyber threat to manufacturers

Today’s manufacturers are highly automated and connected. However, with every advancement in technology comes associated risk. IT...