As cyber attacks continue to rise and in the wake of the recent NHS cyber breach, UK-based businesses of all sizes are being urged to protect themselves against online crime. Recent government statistics showed nearly half of all UK businesses suffered a cyber breach or attack in the past year.
A recent survey* reveals that nearly seven out of ten large businesses identified a breach or attack. The average cost to a large business of all breaches over the 2016 survey period was £20,000, and in some individual cases the cost ran into millions.
The survey also shows that personal data is still a lure for criminals, with businesses holding electronic personal data on customers much more likely to suffer cyber breaches than those that don’t (51 per cent compared to 37 per cent). The most common attacks detected were via ‘phishing’ (fraudulent emails).
Almost all businesses rely on information technology (IT) infrastructure to transmit and store data, including employee and customer records, company business records, e-mail and telephone services, the company website and online sales.
So, what is Phishing?
Phishing is a form of social engineering that uses email or malicious websites to solicit personal information from an individual or company by posing as a trustworthy organisation or entity. These kinds of attacks usually arrive by email and appear to come from an institution or company that the individual does business with, for example a bank or a web service the individual holds an account with.
The goal of a phishing attempt is to trick the recipient into providing login credentials or other sensitive information. For instance, a phishing email appearing to come from a bank may warn the recipient that their account has been compromised and direct them to a website where their username and/or password can be reset. That website is also fraudulent: it is designed to look legitimate but exists solely to collect the login details of phishing victims.
These fraudulent websites may also host malicious code that runs on the user's machine as soon as the page is opened from the link in the phishing email, so a visit alone, without entering any details, can be enough to compromise the machine.
How to identify Phishing attacks
As noted above, phishing is most often initiated via email, but there are ways to distinguish suspicious emails from legitimate ones. Training employees to recognise these malicious emails is a must for any enterprise that wishes to prevent the loss of sensitive data.
In many cases, these data leaks occur because employees were not armed with the knowledge they need to help protect critical company data. The following may be indicators that an email is a phishing attempt rather than an authentic communication from the company it appears to be.
- Emails with generic greetings
- Emails requesting personal information
- Emails requesting an urgent response
- Emails with spoofed links, where the visible link text or sender name does not match the actual destination address (hover over a link to see where it really points before clicking)
When in doubt, contact the company in question to find out whether the email is legitimate, using a phone number or website address you already know to be genuine rather than any contact details given in the email itself. If the email is not legitimate, the company is now aware and can take action to warn others of phishing attempts appearing to come from it.
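The four indicators in the list above can be checked mechanically before an email ever reaches a person. The script below is an added example written for this page, not code from TL Dallas or from the survey; it uses only the Python standard library, the keyword lists are illustrative assumptions rather than a vendor's rule set, and the two messages it inspects are constructed inline (the bank, domains and names are made up). It parses a raw message, looks for a generic greeting, a request for credentials and urgency wording in the body, and flags links whose visible text names one site while the `href` points to another.

```python
"""Heuristic checker for the phishing indicators listed above (added example)."""
import email
import re
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Illustrative phrase lists (assumptions for the example, not a complete rule set).
GENERIC_GREETINGS = ("dear customer", "dear user", "dear valued customer",
                     "dear account holder", "dear sir/madam")
INFO_REQUESTS = ("password", "pin", "security code", "login details",
                 "confirm your account", "card number")
URGENCY_PHRASES = ("within 24 hours", "immediately", "account will be suspended",
                   "urgent", "verify now", "act now")
# Second-level labels under two-letter country codes (co.uk, ac.uk, ...).
SECOND_LEVEL = {"co", "org", "ac", "gov", "com", "net"}


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registered_domain(host):
    """Reduce a hostname to the site that registered it: login.examplebank.com
    -> examplebank.com, www.examplebank.co.uk -> examplebank.co.uk."""
    parts = host.lower().rstrip(".").split(".")
    if len(parts) >= 3 and parts[-2] in SECOND_LEVEL and len(parts[-1]) == 2:
        return ".".join(parts[-3:])
    return ".".join(parts[-2:])


def spoofed_links(html):
    """Return (visible text, href) for links whose text names a different
    site from the one the href actually points to."""
    parser = LinkExtractor()
    parser.feed(html)
    found = []
    for href, text in parser.links:
        href_host = urlparse(href).hostname or ""
        shown = re.search(r"(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})", text.lower())
        if shown and registered_domain(shown.group(1)) != registered_domain(href_host):
            found.append((text, href))
    return found


def analyse(raw_message):
    """Return the list of phishing indicators found in a raw RFC 5322 message."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    part = msg.get_body(preferencelist=("html", "plain"))
    body = part.get_content() if part is not None else ""
    text = re.sub(r"<[^>]+>", " ", body).lower()   # strip tags for phrase checks
    indicators = []
    if any(g in text for g in GENERIC_GREETINGS):
        indicators.append("generic greeting")
    if any(p in text for p in INFO_REQUESTS):
        indicators.append("requests personal information")
    if any(p in text for p in URGENCY_PHRASES):
        indicators.append("urgent response demanded")
    if part is not None and part.get_content_type() == "text/html":
        spoofed = spoofed_links(body)
        if spoofed:
            indicators.append("spoofed link(s): " +
                              ", ".join(f"{t} -> {h}" for t, h in spoofed))
    return indicators


# Constructed sample messages (not real mail); every domain here is fictitious.
PHISHING_EMAIL = """\
From: "Example Bank" <security@examplebank.com>
To: victim@example.org
Subject: Urgent: verify your account
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Dear Customer,</p>
<p>We detected unusual activity. Your account will be suspended within 24 hours
unless you confirm your login details.</p>
<p><a href="http://login-examplebank.evil.test/reset">https://www.examplebank.com/reset</a></p>
</body></html>
"""

LEGIT_EMAIL = """\
From: "Example Bank" <statements@examplebank.com>
To: victim@example.org
Subject: Your March statement is ready
Content-Type: text/plain; charset="utf-8"

Dear Ms Smith,

Your statement is now available in online banking. Log in as usual from your
own bookmark; we will never ask you to confirm your details by email.
"""

if __name__ == "__main__":
    for name, raw in (("phishing sample", PHISHING_EMAIL), ("legitimate sample", LEGIT_EMAIL)):
        print(name, "->", analyse(raw) or ["no indicators"])
```

The link check is the one that matters most in practice: the greeting and urgency phrases are easy for an attacker to vary, but a link whose text says `examplebank.com` while its `href` goes to `evil.test` is exactly the "spoofed link" the list above warns about, and a mail gateway can quarantine on it regardless of wording. Keyword lists like these also produce false positives on genuine reminders, so treat the output as a triage signal, not a verdict.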
A successful phishing attack therefore exposes a company to risks that could disrupt the business and incur large unexpected costs. It could also lead to loss of income, and to reputational damage if the company is unable to trade. In addition, private information held on your employees and customers could be lost, damaged or stolen.
What can you do to protect your business?
TL Dallas has access to a number of insurers offering Cyber Liability Insurance to help limit the impact of any breach. We have detailed below how such a policy would work and the processes that would be put in place should a breach occur.
The policy is triggered either by:
- Loss or suspected loss of non-public data. This could be as a result of misplaced/lost/stolen files or electronic devices used to store, process or transmit data e.g. a laptop, or, a malicious act that erases, alters or destroys data, whether caused from within or outside your organisation
- Breach of privacy legislation, e.g. Data Protection Act 1998, or other similar privacy laws elsewhere in the world, or
- The negligent or inadvertent transmission of Malware (any code to erase, deny access to, corrupt, damage, disrupt any network or system or circumvent network security) to a third party
- Unauthorised Access – meaning access to, and use of your computer system or network infrastructure by any person not authorised to do so, including your employees
A breach could have a major impact on your company. Policies are therefore designed to support you throughout the process with an aim to get your business back up and running as quickly as possible. Typically, you would have one point of contact throughout who would work with you, leading and managing the incident response, tailoring the recovery programme to your needs. The devil is in the detail. Key points to remember:
- Cyber frauds are unlikely to be covered under fidelity wordings or under ‘crime’ extensions to management protection contracts
- Cyber wordings on the cover are continually evolving – take care and read all the terms and conditions
- Be cautious of ‘knowingly surrendered’ exclusions – these will really impact the cover where an insured has been duped
- Be cautious of ‘social engineering’ exclusions or sub limits
Contact your TL Dallas broker for advice or speak to Mike Martin or Matt Smith on 01274 456500 for further details.
*Source: The Cyber Security Breaches Survey 2017