Learn about cyber crime and attacks.
Although we have seen a small decline in the percentage of cybercrime reported between 2020 and 2022, the costs associated with each attack have increased. The UK Government Cybersecurity survey 2022 reported the average overall estimated cost to organisations that experienced material losses at £4,200. For medium and large businesses only, this average increases to circa £19,400.
A cyber attack is an attempt to virtually or remotely gain unauthorised access to a digitally based system in order to steal or extort information for financial gain. From a business perspective the implications can reach much further, depending on the outcome: disruption to business continuity, financial loss, data breaches and/or loss, reputational damage, and exposure of customer or client data.
Unless you work in cyber security, the answer is likely ‘no’ in this particular context. But it is worth being aware of the types of cyberattacks that could threaten your business, and why cyber insurance should be a feature of your commercial insurance portfolio.
Taking away the complexities and jargon, there are essentially four types of cyber threat: phishing, social engineering, malware and ransomware. But first it’s worth understanding the difference between a data leak and a data breach.
A data leak is when sensitive or company data is accidentally shared externally, and can generally occur in two ways.
A data breach occurs as a result of a cyberattack in which an external force has breached system security and gained unauthorised access. This may be as a result of the aforementioned malware like viruses, ransomware, trojans and worms, social engineering, or a forcible attack like hacking.
Phishing generally takes the form of emails or text messages designed to look like they come from a legitimate and relevant source, e.g. IT services, a supplier invoice or courier service. The content is usually of an urgent nature and demands immediate action, encouraging the recipient to click a weblink through to a spoofed website in order to obtain sensitive information such as usernames and passwords. Some phishing emails will encourage the download of a document carrying malware that can infect the computer.
You can usually identify a phishing or scam email by its rudimentary appearance, the urgency of the message, and its poor spelling and grammar. The email may also appear to be from a recognisable alias, but you can verify the real identity of the sender by clicking on the sender name to reveal the source email address. If in doubt, you can always cross-reference the information in the email against the genuine website.
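The sender check described above can also be run automatically over incoming mail. The following is an added example, not part of the original article; the KNOWN_SENDERS allow-list, the domains, the urgency word list and the sample messages are all constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed allow-list: name as shown in a display name -> genuine domains.
KNOWN_SENDERS = {
    "it services": {"example-corp.test"},
    "acme couriers": {"acme-couriers.test"},
}
URGENCY = re.compile(r"\b(urgent|immediately|action required|suspended|final notice)\b", re.I)
EMBEDDED_ADDR = re.compile(r"[\w.+-]+@([\w-]+(?:\.[\w-]+)+)")

def domain_matches(domain, allowed):
    """True if domain is one of the allowed domains or a subdomain of one."""
    return any(domain == d or domain.endswith("." + d) for d in allowed)

def phishing_signals(raw_message):
    """Return a list of warning strings for one raw email message."""
    msg = message_from_string(raw_message)
    display, address = parseaddr(msg.get("From", ""))
    domain = address.rpartition("@")[2].lower()
    signals = []
    # 1. Display name claims a known sender but the real address is elsewhere.
    for brand, allowed in KNOWN_SENDERS.items():
        if brand in display.lower() and not domain_matches(domain, allowed):
            signals.append(f"display name claims '{brand}' but address domain is {domain}")
    # 2. Display name shows an email address that differs from the real one.
    shown = EMBEDDED_ADDR.search(display)
    if shown and shown.group(1).lower() != domain:
        signals.append(f"display name shows {shown.group(0)} but real address is {address}")
    # 3. Urgent wording in the subject line.
    if URGENCY.search(msg.get("Subject", "")):
        signals.append("subject uses urgent wording")
    return signals

# Constructed sample messages (not real mail).
SPOOFED = (
    'From: "IT Services" <helpdesk@mail-example-corp.test>\n'
    "Subject: URGENT: password expires today\n\nClick the link to keep access.\n"
)
GENUINE = (
    'From: "IT Services" <helpdesk@example-corp.test>\n'
    "Subject: Planned maintenance on Saturday\n\nNo action needed.\n"
)

if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED), ("genuine", GENUINE)):
        print(label, phishing_signals(raw))
```

A message with no signals is not proven safe; the check only surfaces the mismatches a reader would otherwise have to spot by clicking the sender name.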
Social engineering is one of the most damaging modern cyber threats as it can be very effective and lucrative.
This type of attack extracts sensitive information like passwords from individuals. Cybercriminals will often use sophisticated manipulation techniques, be it an email, phone call or text, pretending to be a senior colleague or trusted company resource and using a familiar tone of voice. The criminal will do their best to convey a sense of urgency so you take action right now – whether that’s providing bank details, changing a password, or clicking a link.
The fraud can also be more targeted and may be less obvious, as attackers might engage with a victim several times before requesting information, making it more effective than the blanket phishing approach. As with phishing, if you are suspicious, you can use separate channels to confirm the information or go direct to source.
Malware is ‘malicious software’ designed to exploit information or cause damage to digital systems. Although basic viruses are still a common threat, malware has evolved to carry out a number of functions and can be coded to perform different tasks after execution. Types of malware include:
Viruses: a self-replicating programme that inserts its own code into another programme, modifying and corrupting the original code and then spreading to other programmes within a computer. If any of these ‘infected’ files are shared and downloaded to another computer, the virus can spread to that computer in the same way.
Worms: the primary purpose of worms is to spread and ‘infect’ multiple computers. They are self-replicating programmes that use computer network systems to spread, causing damage or disruption, including increasing network traffic to restrict available bandwidth, known as denial-of-service (DoS) attacks.
Trojans: if you know your Greek mythology, Trojan malware is named after the Trojan Horse of Troy, which allowed attackers into the city. In this case, Trojans deploy sophisticated malware by leading the user to believe it is a legitimate programme. Trojans will predominantly be used to carry programmes that allow attackers unauthorised access to then view personal data, like internet activity and login information. They are also used to deploy ransomware and spyware.
Spyware: this is purposely designed to infiltrate a computer and record information such as keystrokes, browser history, logins, and more. This information can then be used to access bank details and other fraudulent activity, or the information can be sold on.
Bots: bot software is designed to carry out repetitive and specific tasks to support customer services, or search engine indexing. When used for malicious purposes, bots – also known as spiders and crawlers – can cause significant harm depending on their coded tasks, including stealing data and sensitive information, and supporting ransomware. Like worms, bots can also carry out denial-of-service (DoS) attacks that create a barrage of network traffic, causing the website to crash.
Ransomware is a subset of malware and is a type of malicious software designed to block access to computer files until a sum of money is paid. It has become popular with cyber criminals due to it being low risk, high reward.
Jigsaw is a form of ransomware that encrypts every file on a computer before systematically deleting files every hour from the initial point of infection until a ransom is paid. The number of files deleted increases with each hour the ransom is unpaid.
These are just a few of the many forms a cyber-attack can take that could impact you as an individual or as a business. If you are considering cyber insurance solutions, please speak to our specialist team.
There are insurance options available in the market to suit every scale and size of business. Depending on the insurer and policy, some covers can also provide access to further support and resources, or services to assist with your anti-cybercrime strategy.
If you would like to speak to us to discuss your cyber insurance requirements, or simply find out more about your options, please speak to your usual Towergate representative.
Date: December 28, 2023