Cyber insurer Beazley is expecting an increase in cyberattacks that lead to business interruption, especially due to the growth of cloud platforms and connected devices in the workplace.
On Wednesday, Beazley released its 2018 Breach Briefing outlining the types of cyberattacks that affected its clients in the United States last year. Of the 2,600 data breach incidents it investigated, more than one-third (36%) resulted from hacks or malware, followed by accidental disclosure (28%). Insider threats and social engineering accounted for 10% each, followed by incidents involving portable devices (7%), physical loss of non-electronic records (6%), unknown/other (2%) and payment card fraud (1%).
Among the report's highlights, more than half (55%) of fraudulent wire instruction incidents affected small and medium-sized businesses. Of these incidents, 21% were in the financial services sector.
Last year, Beazley Breach Response (BBR) Services, the insurer’s in-house breach response team, reported a sharp increase in the number of sophisticated social engineering schemes, frequently taking the form of business email compromises. In fraudulent instruction attacks, a cybercriminal uses compromised email credentials to induce an employee to make a wire transfer or other electronic payment to a bank account controlled by the cybercriminal.
Among the tips for protecting an organization from fraudulent instruction attacks, Beazley recommends that organizations:
Alert employees who have access to accounts payable systems or wire transfer payments about these scams.
Train all employees to beware of phishing attempts.
Establish out-of-band authentication procedures for wire transfer requests and changes to vendor payment instructions. Ensure that confirmation of any instruction takes place over a separate channel, for example a call-back to a phone number already on file rather than one supplied in the request itself.
Organizations handling many payments may wish to establish more formal mechanisms for how vendors or customers can change payment instructions, such as implementing app-based two-factor authentication or establishing a preset code.
Require significant payments, changes to payment instructions, or requests for sensitive employee data to be authorized by more than one employee. Consider a holding period for transactions exceeding a certain amount.
Turn on two-factor authentication for external access to all applications, but particularly to sensitive ones such as email, payroll or benefits providers, remote desktop protocol and virtual private networks.
Enforce strong password policies and educate employees about the risks of recycling passwords for different applications.
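The three process controls above (separate-channel confirmation, dual authorization, and a holding period) can be enforced in an accounts-payable workflow rather than left to individual judgement. The following is an added illustration, not code from Beazley or its report: a small approval check for outgoing wires and vendor bank-detail changes. The threshold, the 24-hour hold, the channel names, and the two sample requests are all assumed for the example; the distinction between contact details "on file" and details "from the request" reflects the practitioner's rule that a call-back to a number quoted in a suspicious email only reaches the attacker.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import List, Optional, Tuple

# Assumed policy parameters (not from the report): tune these to the organization.
DUAL_AUTH_THRESHOLD = 10_000.00        # amounts above this need two approvers
HOLD_PERIOD = timedelta(hours=24)      # release delay for amounts above the threshold


@dataclass
class WireRequest:
    vendor: str
    amount: float
    request_channel: str                          # channel the request arrived on, e.g. "email"
    requested_at: datetime
    new_account: Optional[str] = None             # set when the request also changes bank details
    # (channel, source of contact details used). Source is "on_file" when the
    # confirmation used a number/address already in the vendor master record,
    # "from_request" when it used details supplied in the request itself.
    confirmations: List[Tuple[str, str]] = field(default_factory=list)
    approvers: List[str] = field(default_factory=list)


def evaluate(req: WireRequest, now: datetime) -> Tuple[bool, List[str]]:
    """Return (approved, reasons). An empty reasons list means every control passed."""
    reasons: List[str] = []

    # Out-of-band confirmation: a change to payment instructions must be
    # confirmed over a channel different from the one the request came in on,
    # using contact details already on file. Replying on the same email thread
    # or calling a number quoted in the request does not count.
    valid_oob = [
        ch for ch, source in req.confirmations
        if ch != req.request_channel and source == "on_file"
    ]
    if req.new_account is not None and not valid_oob:
        reasons.append("bank-detail change lacks out-of-band confirmation via contact on file")

    # Dual authorization: large payments and any change to payment instructions
    # need sign-off from two distinct employees.
    needs_dual = req.amount > DUAL_AUTH_THRESHOLD or req.new_account is not None
    if needs_dual and len(set(req.approvers)) < 2:
        reasons.append("needs approval by two distinct employees")

    # Holding period: large transfers are released only after a delay, which
    # gives the vendor or the real executive time to notice and object.
    if req.amount > DUAL_AUTH_THRESHOLD and now - req.requested_at < HOLD_PERIOD:
        reasons.append("holding period has not elapsed")

    return (not reasons, reasons)


def demo() -> Tuple[Tuple[bool, List[str]], Tuple[bool, List[str]]]:
    """Constructed scenario: an emailed request to change a vendor's bank account
    and pay an invoice to the new account. Both requests are made up for the example."""
    t0 = datetime(2018, 3, 1, 9, 0)
    # As a business email compromise would present it: "confirmed" only by a
    # reply on the same (attacker-controlled) email thread, one approver, paid at once.
    bec = WireRequest("Acme Supplies", 48_000.00, "email", t0, new_account="DE00 0000 0000",
                      confirmations=[("email", "from_request")], approvers=["alice"])
    # Under the controls: phoned back on the number in the vendor master record,
    # approved by two people, released only after the hold.
    controlled = WireRequest("Acme Supplies", 48_000.00, "email", t0, new_account="DE00 0000 0000",
                             confirmations=[("phone", "on_file")], approvers=["alice", "bob"])
    return evaluate(bec, t0 + timedelta(hours=1)), evaluate(controlled, t0 + timedelta(days=2))


if __name__ == "__main__":
    for label, result in zip(("BEC-style request", "controlled request"), demo()):
        print(label, "->", "approved" if result[0] else "blocked", result[1])
```

The point of encoding the rules is that the blocking decision no longer depends on the one employee the attacker has targeted: the request is stopped by the missing on-file call-back and the missing second approver regardless of how convincing the email is.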
“Criminals are intent on stealing data or extorting cash and their methods are becoming more sophisticated by the day,” Katherine Keefe, global head of BBR Services, said in a press release. “Wherever weaknesses exist – in systems, processes or simple human fallibility – every organization regardless of sector and size is vulnerable.”