A new report published by Beazley, highlights just how many potential cyber threats organisations could be exposed to on a daily basis.
Fraud, both with and without infiltration, was found to be the biggest cyber security threat over multiple sectors. In fact, on average for the 2020-2022 period, system infiltration was found to be the cause of 63.7% manufacturing losses and 37% healthcare losses, with system infiltration incidents in healthcare on the rise. Fraud without infiltration was also found to be on an upward slope in both the manufacturing and healthcare industries, with a respective 5.3% and 2.6% increase in losses for this cause since 2020.
In contrast, it was found that losses caused by attack on administrative softwares had fallen in both sectors since 2020. The Healthcare sector showed an extreme decrease from 31.6% to 15.4% between 2021 and 2022. Manufacturing losses also fell from 10% to 2.7% since 2021. This suggests that in both sectors, organisations are increasingly prioritising security when choosing a third-party software to store their customers’ data.
The report also highlighted a growing level of risk exposure too. Technology has considerably evolved, and many organisations are increasingly uploading data onto the cloud to scale operations in a more efficient manner. It is, however, a common mistake to assume that this automatically provides security. You may be surprised to learn that within these cloud-based services, the data protection tools may not be automatically enabled on your behalf therefore leaving any sensitive data vulnerable to a breach. Combining this with the fact that some ransomware tools are being made publicly available, meaning anyone with minimal coding skills can use them, organisations must remain vigilant now more than ever.
What are threat actors and how might they attack?
We know that the scope of potential and recognised cyber security threats is continually evolving and includes an ever-growing number of ways to infiltrate your organisation’s systems. One term you may often hear in relation to the threat landscape is ‘threat actor’. This is a person who executes or participates in the malicious targeting of an organisation’s IT security. Threat actors involved can span from a single person, group, organization to even a whole country. There are three main types of threat actors to look out for.
Cyber Criminals
These are the most common threat actor. Their primary source of attack is phishing and the use of ransom and malware. Their intention is typically to steal data, forcing the victims of the attack to pay large ransoms to get it back.
Insider threats
These include anyone who is directly or indirectly involved in a cyber attack by compromising an organisation’s cyber security infrastructure. This could even include employees, third party contractors or partners who unintentionally fall prey to a phishing attack.
Nation states
These are countries who target organisations in countries other than their own, with an intention of stealing data. This is either to disrupt security, damage the economy or hinder government operations.
Mitigating your risk
In two out of three incidents investigated by Beazley’s cyber team, threat actors were attacking via double extortion methods. This means that stolen data was both encrypted and exported. This led to the threat actor asking victims for a ransom to first decrypt and then delete the exfiltrated files. In some cases, attackers took it a step further and began implementing triple extortion methods, which included further pressure and threats towards the victims.
To protect your organisation from these malicious attacks, one of the most essential methods to defend your business is by implementing Multi Factor Authentication. This might include methods such as time based one-time passcodes, open authorisation tokens, authenticator apps or biometrics. Without these, any threat actor who obtains correct credentials and connects to an organisations network could be undetectable. In fact, Beazley’s latest report found that organisations were over two times more likely to experience a ransomware attack, if extra authentication was not enabled.
Although measures can be put in place to lower the risk, the threat actor’s methods are ever evolving, and they are always finding new ways to attack. The operational, legal, and reputational impacts of such an attack could be substantial to you or your organisation. Therefore, it is imperative to work with an insurer or broker who understands the habits of threat actors and can help you recognise areas of risk within your business.
If you would like to learn more about cyber attacks and how best to prepare your business against an incident, please get in touch. We can help with more than just insurance cover – we can help you to create a full risk assessment so that your bases are covered.
You can call us on 01480 272727 or email us at enquiries@barnesinsurancebroker.co.uk to start your cyber conversation.
