Search for insurance help

Cyber Risks - Brute Force Attack, Ransomware & Business Interruption


One of the biggest areas affected with cyber threats is the cost associated with the interruption to the business (not able to trade), and the most common cause is Human Error.
 
All organisations (including manufacturing) utilise their computer systems to perform key functions and the loss of these systems significantly reduce or even cripple a company form trading.
 
The key things to consider are:
 
  1. Do you have an I.T. disaster recovery plan?
  2. How long would it take to get back online, and what is the potential impact to your turnover?
  3. How long would it take to return to full operating efficiency, and what is the potential total impact to your turnover?
 
A recent example has highlighted the need for experts to assist when a manufacturing business received a brute force attack and was crippled.
 
A person (hacker) was able to gain access to the business's computer system through a Remote Desktop Protocol (RDP), which is used to gain access remotely to the network (i.e. work from home employees). This exposed the network to the internet and removed the more secure connection of a Virtual Private Network (VPN). The hacker then commenced an brute force attack to obtain administrator access. A brute force attack is where a hacker uses a computer programme to crack passwords by trying every possible password combination in rapid succession. Unfortunately, the local administrator account had a weak password in place, and it didn't take long for the hacker to gain access. The hacker then launched their encryption across the servers, placing the Ransomware program, leaving a ransom note and requested payment in Bitcoin.
 
The business attempted to restore the servers from backups, however some of the data had not been saved externally so were compromised and unrecoverable.
 
Luckily for this business they had a Cyber Insurance program, and was able to engage their 24/7 incident response team to assist.
 
Whilst this hack did not compromise the manufacturing side of the business, the administration and sales side was dramatically affected including loss of substantial sales and all pre-existing business leads. The hacking event was rectified in a matter of days, but the on cost to the business was felt over many months.

Management Liability insurance is designed to provide protection to both the business and its directors or officers for claims of wrongful acts in the management of the business.

A business insurance pack can provide cover for your business premises and contents, against loss, damage, theft or financial loss from an insured interruption to the business.

Purchase up to six products under one Business Insurance Package. 

Whilst this hack did not compromise the manufacturing side of the business, the administration and sales side was dramatically affected including loss of substantial sales and all pre-existing business leads. The hacking event was rectified in a matter of days, but the on cost to the business was felt over many months.
 
The total extent of impacts to the business from this one RDP access included:
 
  • Hacking - IT Forensics to investigate the loss
  • Hacking - Ransom payment
  • System Damage - Rectification to prevent reoccurrence
  • Business Interruption - Additional Increased Cost of Working
  • Business Interruption - Lost Profit
 
And the lessons are:
 
  • An open port used for RDP is one of the most common vulnerabilities exploited
  • The majority of ransomware claims are a result of hackers gaining access via RDP
  • Businesses should ensure that staff have strong password security in place as well as two-factor authentication
  • Importance of having cyber insurance, including business interruption coverage
  • All modern businesses have some form of cyber exposure
 
General Advice Warning: This advice is general and does not take into account your objectives, financial situation or needs. You should consider whether the advice is appropriate for you and your personal circumstances. Before you make any decision about whether to acquire a certain product, you should obtain and read the relevant product disclosure statement.

All information above has been provided by the author.


Mark O'Reilly, Austbrokers Countrywide

Related articles

Comments (0)

Related insurance brokers

Review rating
27 reviews

Featured Featured

Abbie Wilson

National Insurance Brokers

  • Typically replies within
    a few hours
  • Review rating
    16 reviews

    Featured Featured

    Shane Brady

    Stone Lane Broking & Risk Advisory

  • Typically replies within
    a few minutes