Tag Archives: cyber attacks

Insurers’ Vulnerabilities

Catastrophic Insurers’ Vulnerabilities:

A test on January 31st 2017 examined the insurers’ vulnerabilities.

A combination of a cyber attack, U. S. hurricanes and the failure of a reinsurer could therefore result in extreme insurers’ vulnerabilities in the insurance industry. These tests showed that Insurers could furthermore lose up to 120 per cent of their net capital base. The loss could be in the region of $200 billion. However, in spite of this they would not be put out of business.

Simulations:

Catastrophe simulations were performed in London in November 2016. These were staged by nine insurers and reinsurers. The simulations dealt with a cyber attack on power grids across 15 U.S. states. Furthermore, a 16 per cent downward trend in global stocks. In addition a category 5 hurricane over Miami and Florida. Also, a failure of a major reinsurer.

These tests were led by Robert Childs, the chairman of insurer Hiscox. Observers of the simulation to test vulnerabilities were the Prudential Regulation Authority, the U. K. Finance Ministry and various rating agencies.

The amount that would be lost would be more than twice the size of losses caused by Hurricane Katrina. Furthermore, at least four times larger than the World Trade Centre insured loss.

The following recommendations are to be adopted by the London Market:

1. To ensure that customers are offered efficient internal processes to react efficiently to market-turning crises.
2. Also form crisis management training programmes.
3. Ensure as well that a dynamic response has been tested and is in place.
4.  In addition have plans to raise additional capital following a critical event.

In conclusion, the London Market is to maintain its leading position and expertise in the global marketplace by strengthening Lloyd’s position and proactive stakeholder interactions.

Home Cyber Attacks

The Risk of Home Cyber Attacks:

Eighty per cent of US consumers have connectedness through a home data network. This is increasing the risk of home cyber attacks.

A survey from The Hartford Steam Boiler Inspection and Insurance Company found that connected devices include music systems, smart televisions, security cameras, door locks, alarms, lighting and home automation.

New targets:

Up until now, home cyber attacks have been fairly uncommon. However, criminals are always on the look out for new targets. Basic measures such as changing passwords are neglected by homeowners thus paving the way for an increase in home cyber attacks.

Once criminals have access, they can steal personal and financial information. They can hold computer files for ransom. Furthermore anything from webcams and smart TVs can be hijacked.

Unless you secure your router, you are a target for cyber crime. They will use your internet service for free and use your network for criminal activities.

For your protection you should : –

1. Change the name of your router. The default ID, called a service set identifier (SSID) is assigned by the manufacturer. Change your router to a name that is unique to you.
2. Change the pre-set password on your router.
3. When you choose your router’s level of security, opt for WPA2 or WPA. They are more secure than the WEP option.
4. Some routers allow for guests to use the network via a separate password. If you have many visitors to your home, its a good idea to set up a guest network.
5. Firewalls help keep hackers from using your computer to send out your personal information without your permission. While anti-virus software scans incoming email and files, a firewall is like a guard. It is watching for attempts to access your system and block communication with sources you do not permit.

Cyber Insurance Market

The cyber insurance market is booming due to rising cyber attacks. It is among the fastest growing insurance niches. Cyber insurance products cover operational risks affecting confidentiality, availability or integrity of information and technology assets.

Its growth is led mainly by financial institutions. These institutions are performing cyber risk management. Demand is also driven by regulatory pressures that will require all enterprises to notify individuals if their personal data is breached.

Organisations are becoming more reliant on data.  Therefore more of their business is conducted over digital channels.  They will as a result place increasing value on protecting that data.

Over the past few years there have been high profile and costly breaches, This is also driving the demand for cyber insurance products. Few insurance companies have a clear understanding of what “good” cyber security looks like for their customers. They are therefore unable to assess whether their customers are taking the right precautions to properly manage their risk .

Cyber risk is not an IT issue, it is a business problem. Until recently, cyber insurance was considered a nice-to-have supplement to existing insurance coverage. Cyber insurance coverage is now becoming a must-have.

The cyber threat is pervasive. Attacks are increasing. Cyber attack trends are also shifting constantly. An attack can come from multiple directions and in multiple forms. In this complex, dynamic threat landscape, the ability to accurately assess risk becomes a huge undertaking.

Five out of six companies with more than 2,500 employees were targeted in cyber attacks in 2014.  This represented a 40% increase last year, according to Symantec’s annual internet security threat report. Hackers are becoming more sophisticated. They are introducing more and better malware to their campaigns. More than 317 million new pieces of malware were created in 2014.  This means that almost a million new threats were released daily.

Businesses are increasingly backing up their data and apps in a secure, off-site cloud environment. The cloud is faster than other options.  It typically offers the most protection at the lowest cost. Recovery in the cloud requires no travel and no extra hardware. It offers extreme levels of reliability.

Kaspersky Labs describes hooded “money mules” waiting at ATMs. They are controlled remotely to dispense cash at a particular time without the need for a bank card. The reported losses potentially exceed US $1 billion. The criminal activity spans Russia, The U. S., Europe and China and is likely to involve Asia, the Middle East, Africa and Europe.

It is understood that the attacks began with a spear-phishing email designed to look like a legitimate communication. The email in fact delivered malware which was capable of exploiting vulnerabilities in certain Microsoft products.  This opens a backdoor to the bank’s systems leading to the attackers seizing control of the ATMs and bank accounts.

The Kaspersky Report states that the stolen funds were transferred out of the targeted financial institutions.  These funds eventually went to bank accounts in the U. S. and China.  It took two to four months to steal between $2.5 million and $10 million from each bank.

The scale of these thefts is therefore a reminder of how such acts are a national threat.  Financial markets and systems can be destabilised. Understandably, cyber security is receiving considerable regulatory scrutiny.