Australian Websites Hacked: Insurance Case Study
HACKING a form of cyber attack is an increasing risk faced by Small and Medium Businesses (SMBs). Hackers attacked a number of Australian websites recently. SMBs websites that were hacked lost all their content and had only visible message posted by the hackers : “Stop spying on Indonesia.” Considering the time, effort and money involved in creating and maintaining websites, many such SMBs would consider such a hacking incident nothing short of a crisis. The common reaction to the hack attack may be ‘why them’ ?
The truth is that it that hackers can target anyone. In the above hacking incident, hackers claimed links to the international activist group “Anonymous”. Apparently they enjoyed the chaos such a hack attack would cause for the SMBs such as dry cleaners, plumbers, schools and small private practices which owned the hacked sites.
A mere few days prior to the hack attack, the Internet security company McAfee had highlighted in a study that SMBs were operating under a false sense of security about their exposure to cyber risk. SMBs with fewer than 100 employees are actually more vulnerable to a hack attack due to the fact that their defenses are often not as strong as larger businesses. Unfortunately, SMBs are also likely to suffer more financially from a hack attack and face a difficult process of recovering from an attack.
Most hacked SMBs are not only faced with the cost of re-building their website and other forms of online presence such as an e-commerce store, fund-raising platform, donor sign-up page, etc. – they also are confronted with the loss of revenue and the harm to their reputation which frequently accompany website downtime after a hacking incident.
While it cannot be ascertained if SMBs who owned the individual websites that were hacked had hacking insurance coverage or cyber insurance as it is commonly referred to, below is an outline of how such a hacking insurance coverage could have come to their rescue in managing the crisis:
Hacking Insurance Coverage that is part of Cyber Insurance Coverage * could help the business owner(s) pay for the cost of:
1: Website Hack:
- reasonable and necessary expenses incurred for returning the contents and platform of the hacked websites to the same condition they were in prior to being damaged, destroyed, altered, corrupted, copied, stolen or misused
- hiring a public relations firm to assist in re-establishing business reputation after the hack.
- hiring a forensic consultant to establish the identity of the hacker
- hiring a security consultant to review current electronic security and possible security to prevent future hacking incidents
If your website/e-commerce store cannot function due to a cyber attack and the hacker demands ransom, the hacking insurance policy would cover:
- payment of or reimbursement for the ransom paid to the hacker
- hiring a consultant for the handling and negotiation of the ransom demand (conditions apply) with the hacker
3: Loss of Revenue:
- hacking insurance coverage usually pays for the loss amount for each consecutive hour that your revenue (including internet revenue) is continuously interrupted or materially impaired after the hack; time retention usually applies in such hacking cases
- payment for the necessary expenses incurred by your business to stop the loss of revenue after the hack
*Disclaimer: Conditions apply for each hacking policy coverage and the information expected from you for filing your claim. Coverage may differ based on specific clauses in individual hacking policies. Please ask your broker to explain any additional benefits and exclusions pertaining to your policy.
“The information provided is general advice only and does not take account of your personal circumstances or needs. Please refer to our financial services guide which contains details of our services and how we are remunerated.”