
What does COVID-19 mean for cyber insurance?

By Jacqueline Jayne, Security Awareness Advocate, KnowBe4 APAC

Cyber insurance hasn’t always been a priority for APAC businesses, but thanks to COVID-19 it’s now firmly at the top of the agenda. Or at least it should be, with cyber criminals all over the world exploiting the pandemic to ramp up their attacks. A recent KnowBe4 report found that coronavirus-related phishing attacks have sky-rocketed, with 56% of all attacks relating to COVID-19.

According to VMware Carbon Black, 53% of incident response professionals experienced an increase in cyberattacks exploiting COVID-19 in 2020, and 93% of all Singapore respondents stated that they had seen an increase in overall cyberattacks as a result of employees working from home.

So, it’s clear cyber insurance is key to an organisation’s risk management strategy. But getting the correct level of cyber insurance in place has become harder in recent months thanks to a new trend in ransomware infections called data exfiltration. 

How the threat landscape has changed
Traditional ransomware attacks would involve cyber criminals hacking an organisation and taking data hostage, then demanding a ‘ransom’ payment to return it. Initially the returns for attackers were high as organisations were caught off guard. But businesses quickly learned to protect themselves with data backups and a focus on the ability to restore data quickly in the event of such an attack.

Cyber attackers needed to change their modus operandi in order to see the same rewards and in late 2019 we saw the first cases of ransomware combined with data exfiltration. Now the risk includes cyber criminals disclosing data without authorisation and the ability to restore data quickly is no longer adequate protection. Thanks to COVID-19, the associated risk of data disclosure is suddenly even larger with the move to telehealth and online learning providing juicier targets for cyber criminals. 

What does this mean for Cyber Insurance Planning?
To protect against the old ransomware attack models, for example, an organisation could budget $1 million to cover recovery and costs such as downtime and digital forensics. However, in a situation where cyber criminals have publicly disclosed stolen data, that protection would not be adequate as costs would be significantly higher. 

Businesses need to factor in setting up a call centre and response website, dealing with legal issues and potential regulatory fines, holding press conferences and involving public relations firms as well. Even the digital forensics costs would be higher as they not only have to look into how the attackers got in (hint, it is usually a phishing email or remote access portal) and what malware or back doors they left behind, but now they also have to find out what data was exfiltrated and the extent of customer data impacted.

Regulatory requirements
Previously, if during an old-school ransomware attack no data left the organisation and the business was operational again quickly, there would be no reason to disclose an attack outside of the organisation and such events would often go unreported. Now, if customer data is exfiltrated, businesses are subject to entirely different reporting and notification requirements.

Protecting your organisation
There is no security control in an organisation that is 100% effective all the time. That “silver bullet” just does not exist, yet it is often an excuse to focus on recovery rather than prevention. That is a huge mistake and one that, now that data is being exfiltrated and exposed, is even more costly. A better approach is to stop attacks before they occur.

With many cyber-attacks, and ransomware in particular, the criminals almost always gain access through a phishing email or through a remote access portal (such as Windows Remote Desktop Protocol or RDP) being insecurely exposed to the internet.  

So how do you prevent your employees falling victim to phishing? The most effective way is through user awareness training. With respect to the remote access issue, wherever possible, enable Multi-Factor Authentication (MFA), make sure to log all authentication attempts, lock accounts after multiple attempts and quickly report failures. This will help spot brute force attacks and reduce the chance that the attackers will be able to log in using credential stuffing techniques or common passwords (two behaviours that should also be addressed in training).
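As an added illustration (not part of the original article), the sketch below shows how logged authentication attempts can drive both account lockout and failure reporting. The event format, the thresholds and the sample log entries are all assumptions constructed for this example.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)  # assumed look-back window
LOCK_AFTER = 5                  # assumed failures per account before lockout
STUFFING_ACCOUNTS = 4           # assumed distinct accounts failing from one source

def sample_events():
    """Constructed log entries: (timestamp, source IP, account, success)."""
    t0 = datetime(2021, 1, 1, 9, 0, 0)
    ev = [(t0 + timedelta(seconds=20 * i), "198.51.100.7", "alice", False)
          for i in range(6)]
    ev += [(t0 + timedelta(minutes=1, seconds=5 * (i + 1)), "203.0.113.9", u, False)
           for i, u in enumerate(["bob", "carol", "dave", "erin", "frank"])]
    ev.append((t0 + timedelta(minutes=3), "192.0.2.10", "grace", False))
    ev.append((t0 + timedelta(minutes=3, seconds=30), "192.0.2.10", "grace", True))
    return sorted(ev)

def analyse(events):
    """Return (locked accounts, alerts) for a time-ordered stream of logins.
    Each alert is (timestamp, kind, subject, source)."""
    by_account = defaultdict(deque)  # account -> recent failure times
    by_source = defaultdict(deque)   # source -> recent (time, account) failures
    locked, alerts = set(), []
    for ts, src, user, ok in events:
        if user in locked:           # keep logging attempts after lockout
            alerts.append((ts, "attempt-on-locked-account", user, src))
            continue
        if ok:
            by_account[user].clear() # a success resets the failure counter
            continue
        fails = by_account[user]
        fails.append(ts)
        while ts - fails[0] > WINDOW:
            fails.popleft()
        if len(fails) >= LOCK_AFTER: # many failures on one account
            locked.add(user)
            alerts.append((ts, "brute-force-lockout", user, src))
        seen = by_source[src]
        seen.append((ts, user))
        while ts - seen[0][0] > WINDOW:
            seen.popleft()
        # One source failing against many accounts never trips a per-account
        # lockout, so it is counted separately (credential stuffing pattern).
        if len({u for _, u in seen}) == STUFFING_ACCOUNTS:
            alerts.append((ts, "many-accounts-one-source", src, None))
    return locked, alerts
```

The per-source count matters because an attacker trying one stolen password against each of many accounts stays below the lockout threshold on every individual account.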

Ransomware is not going away any time soon and COVID-19 is making things worse than ever. Organisations would be wise to review current cyber insurance coverage to ensure that it meets the new threats of ransomware attacks. In addition, it makes more sense than ever to tackle preventative measures such as new-school security awareness training and reviewing the configuration and controls around remote access portals to avoid these types of issues in the first place.
