Search for insurance help

Protecting against business email compromises, ransomware and COVID-related phishing attacks

Business Insurance Cyber Insurance Business Interruption Insurance Technology Sector Insurance IT Services Insurance Internet & Webservices Insurance

Two of the most common cyber threats affecting Australian businesses in 2020 are Business Email Compromises (BEC) and Ransomware Attacks. There has also been a sharp spike in the number of phishing attacks taking advantage of the Covid-19 pandemic, making it essential for Australian businesses to be even more vigilant than usual.

Business Email Compromises

Business Email Compromises (BEC) continues to be one of the biggest cyber threats in Australia and around the globe. BEC breaches can be especially costly due to their frequency and requirement under Australian Privacy Act regulations for businesses to notify the Office of the Australian Information Commissioner (OAIC) and all potentially-affected individuals, even if a data breach is only suspected and yet to be proven.

The cost of each BEC incident is different. However even if there has been no theft of funds, it will typically be at least $25,000. This includes the costs required to commission a forensic IT report to identify the exact nature of the breach and gaining up-to-date legal representatives to ensure full compliance with your obligations under the Privacy Act. Should your business be required to prepare formal breach notifications to affected individuals and the OAIC, the costs can easily exceed $50,000-$60,000.

To reduce the chances of being impacted by a BEC event, serious attention should be given to developing – and reviewing – security controls and processes around email usage and access. According to the Australian Cyber Security Centre, one of the most effective mechanisms to reduce the chances of a successful BEC is the implementation of Multi-Factor Authentication on your email accounts.

Ransomware Attacks

In 2020, sophisticated ransomware attacks remain one of the most malicious – and common – forms of corporate cyber-attacks. In the past 12 months alone, some of the highest profile businesses in the world have seen their IT networks crippled as a result of ransomware attacks. Australian businesses are not immune. Below is an outline of just some of the more recent ransomware events suffered both globally and here in Australia:

Toll Group – one of Australia’s largest logistics businesses, Toll has suffered from two ransomware attacks on their network in 2020. With the impacts still being felt, it has the potential to be the biggest cyber loss in Australian corporate history
Lion – the dairy processor and drink manufacturer was hit by a ransomware attack which has disrupted the organisations operations. Given the beer manufacturer is dealing with an increased demand from pubs and clubs as they begin to re-open, the cyber-attack couldn’t have come at a worse time
Service NSW – through a sophisticated phishing campaign, the email accounts of 47 Service NSW staff members were illegally accessed by hackers
Fisher & Paykel – the NZ-based appliances maker was hit by the Nefilim malware (the same that hit Toll Group with their second cyber-attack). Hackers have begun to publish corporate files on the dark web, which includes confidential financial data dating back to 2013
Honda – the Japanese car maker has been infected by the ‘Snake’ ransomware, specifically targeting industrial control systems used in manufacturing plants, forcing Honda to temporality suspend production at some of its facilities
Garmin – most commonly known for its GPS fitness tracking devices, hackers deployed the ransomware tool ‘WastedLocker’ which is believed to have encrypted Garmin’s internal network. Reports are that Garmin paid the $10m ransom
Arthur J Gallagher & Co – one of the world’s largest financial services firms was hit with a ransomware attack at the end of September, which immediately took all their global IT networks offline

Management Liability Insurance

Management Liability insurance is designed to provide protection to both the business and its directors or officers for claims of wrongful acts in the management of the business.

Details Get Quote

Business Insurance

A business insurance pack can provide cover for your business premises and contents, against loss, damage, theft or financial loss from an insured interruption to the business.

Details Get Quote

Business Package

Purchase up to six products under one Business Insurance Package.

Details Get a quote!

Toll Group – one of Australia’s largest logistics businesses, Toll has suffered from two ransomware attacks on their network in 2020. With the impacts still being felt, it has the potential to be the biggest cyber loss in Australian corporate history
Lion – the dairy processor and drink manufacturer was hit by a ransomware attack which has disrupted the organisations operations. Given the beer manufacturer is dealing with an increased demand from pubs and clubs as they begin to re-open, the cyber-attack couldn’t have come at a worse time
Service NSW – through a sophisticated phishing campaign, the email accounts of 47 Service NSW staff members were illegally accessed by hackers
Fisher & Paykel – the NZ-based appliances maker was hit by the Nefilim malware (the same that hit Toll Group with their second cyber-attack). Hackers have begun to publish corporate files on the dark web, which includes confidential financial data dating back to 2013
Honda – the Japanese car maker has been infected by the ‘Snake’ ransomware, specifically targeting industrial control systems used in manufacturing plants, forcing Honda to temporality suspend production at some of its facilities
Garmin – most commonly known for its GPS fitness tracking devices, hackers deployed the ransomware tool ‘WastedLocker’ which is believed to have encrypted Garmin’s internal network. Reports are that Garmin paid the $10m ransom
Arthur J Gallagher & Co – one of the world’s largest financial services firms was hit with a ransomware attack at the end of September, which immediately took all their global IT networks offline

The financial and reputational impacts of ransomware attacks affect different brands and businesses in very different ways. Generally speaking, the costs fall into one of two areas:

First Party Forensic IT Costs(10-20%)

These are costs necessary to maintain business operations and minimise downtime. Depending on whether backups have been encrypted, or corporate/personal data has been stolen, these costs tend to sit between 10-20% of the overall incident expenses.
Business Interruption Costs (70-80%)

These are costs incurred as a result of lost business due to systems downtime. They tend to make up around 70-80% of the total incident costs.

Covid-19 Phishing Attacks

Cyber criminals have long been the masters of opportunism. So, it comes as little surprise that Covid-19 has also led to an increase in targeted phishing attacks against organisations and their employees seeking updates about the virus and its spread, coupled with weaker security controls in work-from-home environments. Significant increases have been seen in Remote Desktop Protocol (RDP) attacks on networks in the last six months, particularly those with weak passwords. This has provided cyber criminals with yet another gateway into sensitive data systems, where they can then deploy ransomware and bring businesses to their knees.

12 Cyber Security Steps

If you’re looking to improve the security of your business’ digital systems and data, visiting the Australian Government’s Business Advisory website is an excellent place to start. It recommends the following 12 steps, several of which you can implementimmediately:

Back up data
Secure your devices & network
Encrypt important information
Use two-factor authentication
Manage passwords
Monitor use of computer equipment & systems
Put policies in place to guide your staff
Train your staff to be safe online
Protect your customers
Protect yourself with cyber insurance
Get updates on the latest risks
Speak to an adviser

More details on each of these steps is available at the Australian Government’s Business Advisory website.

If you’d like discuss the specific cyber risks faced by your business, please speak with us today.

cyber covid-19 online security

General Advice Warning: This advice is general and does not take into account your objectives, financial situation or needs. You should consider whether the advice is appropriate for you and your personal circumstances. Before you make any decision about whether to acquire a certain product, you should obtain and read the relevant product disclosure statement.

All information above has been provided by the author.

Everest Risk Group Pty Ltd, ABN 9710698462318, AFSL 240549

This article originally appeared on Everest Risk Group News and has been published here with permission.