Search for insurance help

Cyber Risks - Brute Force Attack, Ransomware & Business Interruption

Mark O'Reilly

Mark O'Reilly

Austbrokers Countrywide

  • Jun 27, 2019
  • Views: 1370
Business Insurance Cyber Insurance

One of the biggest areas affected with cyber threats is the cost associated with the interruption to the business (not able to trade), and the most common cause is Human Error.
 
All organisations (including manufacturing) utilise their computer systems to perform key functions and the loss of these systems significantly reduce or even cripple a company form trading.
 
The key things to consider are:
 
  1. Do you have an I.T. disaster recovery plan?
  2. How long would it take to get back online, and what is the potential impact to your turnover?
  3. How long would it take to return to full operating efficiency, and what is the potential total impact to your turnover?
 
A recent example has highlighted the need for experts to assist when a manufacturing business received a brute force attack and was crippled.
 
A person (hacker) was able to gain access to the business's computer system through a Remote Desktop Protocol (RDP), which is used to gain access remotely to the network (i.e. work from home employees). This exposed the network to the internet and removed the more secure connection of a Virtual Private Network (VPN). The hacker then commenced an brute force attack to obtain administrator access. A brute force attack is where a hacker uses a computer programme to crack passwords by trying every possible password combination in rapid succession. Unfortunately, the local administrator account had a weak password in place, and it didn't take long for the hacker to gain access. The hacker then launched their encryption across the servers, placing the Ransomware program, leaving a ransom note and requested payment in Bitcoin.
 
The business attempted to restore the servers from backups, however some of the data had not been saved externally so were compromised and unrecoverable.
 
Luckily for this business they had a Cyber Insurance program, and was able to engage their 24/7 incident response team to assist.
 
Whilst this hack did not compromise the manufacturing side of the business, the administration and sales side was dramatically affected including loss of substantial sales and all pre-existing business leads. The hacking event was rectified in a matter of days, but the on cost to the business was felt over many months.
BizCover

Management Liability Insurance

Management Liability insurance is designed to provide protection to both the business and its directors or officers for claims of wrongful acts in the management of the business.

Details Get Quote
BizCover

Business Insurance

A business insurance pack can provide cover for your business premises and contents, against loss, damage, theft or financial loss from an insured interruption to the business.

Details Get Quote
insurance.com.au

Business Package

Purchase up to six products under one Business Insurance Package. 

Details Get a quote!
Whilst this hack did not compromise the manufacturing side of the business, the administration and sales side was dramatically affected including loss of substantial sales and all pre-existing business leads. The hacking event was rectified in a matter of days, but the on cost to the business was felt over many months.
Mark O'Reilly
QUESTIONS? JUST ASK

Mark O'Reilly

Send a Message
 
The total extent of impacts to the business from this one RDP access included:
 
  • Hacking - IT Forensics to investigate the loss
  • Hacking - Ransom payment
  • System Damage - Rectification to prevent reoccurrence
  • Business Interruption - Additional Increased Cost of Working
  • Business Interruption - Lost Profit
 
And the lessons are:
 
  • An open port used for RDP is one of the most common vulnerabilities exploited
  • The majority of ransomware claims are a result of hackers gaining access via RDP
  • Businesses should ensure that staff have strong password security in place as well as two-factor authentication
  • Importance of having cyber insurance, including business interruption coverage
  • All modern businesses have some form of cyber exposure
 
cyber risk
General Advice Warning: This advice is general and does not take into account your objectives, financial situation or needs. You should consider whether the advice is appropriate for you and your personal circumstances. Before you make any decision about whether to acquire a certain product, you should obtain and read the relevant product disclosure statement.

All information above has been provided by the author.


Mark O'Reilly, Austbrokers Countrywide

Related articles

Abbie Wilson

Abbie Wilson

22 Apr

Safeguarding the Furry Friends: A Guide to Insurance for Dog Groomers

Abbie Wilson

Abbie Wilson

21 Apr

Protecting your business and tools is as essential as snagging a good spot at the pub

Tony Venning

Tony Venning

08 Apr

Do I Really Need Professional Indemnity Insurance?

Image Description
QUESTIONS? JUST ASK

Mark O'Reilly

Comments (0)

Related articles

insurance.com.au

insurance.com.au

08 Apr

Public Liability vs. Professional Indemnity Insurance

FD Beck Insurance Brokers

FD Beck Insurance Brokers

03 Apr

Strategies for Saving on Business Insurance

Abbie Wilson

Abbie Wilson

19 Mar

Navigating Through Uncertainty: The Vital Role of Policy Reviews Amidst Devastating Fires

Related insurance brokers

Joe Daley
Review rating
6 reviews

Featured Featured

Joe Daley

AJ Insurance Services
  • Typically replies within
    a few minutes
    Tony Venning
    Review rating
    26 reviews

    Featured Featured

    Tony Venning

    Crucial Insurance and Risk Advisors
  • Typically replies within
    a few hours
    Warren Reid
    Review rating
    10 reviews

    Featured Featured

    Warren Reid

    Broad Risk Insurance Brokers
  • Typically replies within
    a few minutes