With a reported 400% increase in UK cyberattacks since the beginning of the Covid-19 lockdown, Liz Booth looks at how the cyber insurance market may see an increase in demand for its products.
Governments and security agencies alike are raising concerns around cyberattacks and the Covid-19 pandemic.
As the World Economic Forum (WEF) warned in late May: "Covid-19 is forcing business leaders to adapt operating models faster than ever before to ensure existential survival. The large-scale adoption of work-from-home technologies, exponentially greater use of cloud services and explosion of connectivity allow companies to continue operations even with social distancing and 'stay at home' orders."
However, it added: "The paradigm shift is putting immense pressure on cybersecurity operations. As organisations are making extraordinary efforts to protect their workers and serve their customers during the pandemic, exposure to cyber threats is increasing significantly."
The WEF stressed that security bugs and privacy-abusing practices are not new, but have been exacerbated by the growing demand for cost-effective and just-in-time solutions, along with the pressure to digitalise and innovate quickly to keep ahead of competition, increase operational efficiencies, improve customer experience and improve business decisions with enhanced analytics.
Closer to home, Action Fraud (the UK's national fraud and cybercrime reporting centre) reported a 400% increase in coronavirus-related fraud reports in March. And at the end of May, Action Fraud said that, in a two-week period, the public had passed on more than 160,000 suspect emails.
Law firm Burges Salmon says these figures relate to a variety of new scams.
First, there has been a wide range of phishing scams (bogus communications that purport to be from a well-known and trusted source and request confidential information, typically login/password details or banking information), including:
- Emails purporting to be from HM Government, asking for donations to the NHS during the Covid-19 outbreak.
- Emails purporting to be from a research group that mimics the Centers for Disease Control and Prevention and World Health Organization, requesting donations.
- Communications containing investment scheme and trading advice, encouraging people to take advantage of the coronavirus downturn.
Malware, spyware and trojans have been found embedded in interactive coronavirus maps and websites. Spam emails are also tricking users into clicking on links that download malware to their computers or mobile devices.
There has been a spate of online shopping scams for in-demand products that are never delivered, including protective face masks and hand-sanitiser gel.
Security officials in the UK and US have been warning that cybercriminals and 'advanced persistent threat' groups are targeting individuals and organisations with a range of ransomware and malware.
So, what does this mean for companies and the possible purchase of cyber insurance?
Chris Riordan, part of the professional liability claims team at Miller Insurance, says: "As working from home becomes the new norm, many businesses and their employees will now be working on less-secure networks. To avoid being scammed, it is essential for all employees to be aware of the cybersecurity standards and to approach all emails and calls with a sense of caution.
"To help mitigate the threat posed by cybercriminals, it is strongly advised that all internet users display heightened vigilance in the content they access and share. Ensure that the company has the most up-to-date versions of antivirus software," he adds.
When it comes to insurance, broker Marsh says policyholders must double-check whether their business insurance policy covers home working. It urges companies to ensure cover does exist and to refresh any policies without any such wordings.
Marsh notes: "In 2019, the average cost of a data breach was £4,180 per cyberattack. This was significantly higher for medium-sized and large businesses, which could expect losses of £9,270 and £22,700 respectively."
In an Insurance Journal vodcast, Darren McGraw, president of Mechelsen Private Client, also stresses the need for companies to have the right insurance. And Lisa Lindsay, executive director of Private Risk Management Association, says clients need to make sure they are working with carriers that offer the most up-to-date, specialised products and services available in the marketplace.
"I would say that we are seeing a little bit of a low take-up where people don't seem to possibly think that they need [specialised cyber] coverage," Ms Lindsay says. "As more attacks occur, I think we will see people being more interested in adding on that additional coverage to their insurance policies."
Although insurers are still waiting to see the full effects of the pandemic on existing cyber policies, Mr McGraw says that insurers will respond with new products to reflect changing times.
"That is just part and parcel of what it is that we stand for as an industry," he said. "I have no reason to expect that's going to change because the nature of loss is cyber instead of a wildfire or some storm event."
CYBERSECURITY OPERATIONS FACING TREMENDOUS CHALLENGES
Working from home has opened multiple vectors for cyberattacks through the heightened dependency on personal devices and home networks.
Social engineering tactics are even more effective on a distracted and vulnerable workforce.
Security operations centres (SOCs) have been designed to look for anomalous behaviours; today, SOCs are operating with impaired visibility because everything looks anomalous.
Critical business assets and functions are significantly more exposed to opportunistic and targeted cyberattacks by criminal organisations and nation states seeking to exploit vulnerabilities and plant seeds for future attacks.
Public-sector services such as hospitals and healthcare services are under acute pressure and have been hit particularly hard by new types of ransomware aimed at disrupting connectivity, as well as denial-of-service attacks.
Source: World Economic Forum
CYBERATTACKS DURING COVID-19
Since the start of the Covid-19 pandemic, the World Health Organization (WHO) has seen a dramatic increase in the number of cyberattacks directed at its staff, and email scams targeting the public at large. In one week in May, some 450 active WHO email addresses and passwords were leaked online, along with thousands belonging to others working on the novel coronavirus response. The leaked credentials did not put WHO systems at risk because the data was not recent. However, the attack did impact an older extranet system, used by current and retired staff as well as partners.
Scammers impersonating WHO in emails have also increasingly targeted the general public to channel donations to a fictitious fund and not the authentic Covid-19 Solidarity Response Fund. The number of cyberattacks is now more than five times the number directed at the organisation in the same period last year.
Liz Booth is contributing editor of The Journal