danlawrie.com

5 Types of Cyber Attacks That Threaten Small Businesses

Small businesses face a high risk of cyber attacks and could have to front $46,000 or more per cyber security event. Read on to learn more about the common cyber attacks that threaten small businesses.

WannaCry Ransomware Attacks Impact 200,000 Users in 150 Countries

Using a tool that was allegedly stolen from the U.S. National Security Agency, cyber criminals exploited a flaw in Microsoft’s Windows system in order to spread malware dubbed WannaCry. Read on to learn more.

6 Considerations When Buying Cyber Insurance

Unlike other forms of insurance, cyber insurance is not a one-size-fits-all approach. Read this article to learn what items you should keep in mind when building the perfect cyber policy.

5 Types of Cyber Attacks That Threaten Small BusinessesBecause news surrounding data breaches often highlight major companies like Target or Yahoo, it’s easy to think of cyber attacks as a big business problem. However, small businesses are just as much at risk and could have to front $46,000 or more per cyber security event. As such, it’s important to be aware of the following five common cyber attacks that threaten small businesses:

1. Denial-of-service attacks (DoS). A DoS attack occurs when a cyber criminal sends a large amount of data from multiple computers in order to overwhelm your system and shut it down. This attack can result in a direct loss in revenue, as your website could be down for extended periods of time.

2. Inside attacks. Cyber attacks don’t always come from outside sources. In some cases, a disgruntled employee who has access to your system can hijack your critical data and hold it for ransom.

3. Malware. Malware is any malicious software that can be used to gain access to your system and cause damage. Typically, malware refers to worms, viruses and ransomware.

4. Password attacks. Password attacks are when hackers crack your password and gain access to your system. This type of attack can be difficult to defend against because it doesn’t always require a malicious code or software.

5. Phishing. Phishing is a cyber attack in which a hacker disguises him- or herself as a trusted source in order to acquire sensitive information. This can be accomplished via email or other direct forms of online contact.

To protect themselves from all types of cyber breaches, small businesses should consider evaluating their systems for exposures on a regular basis. In addition, it is important to train workers on cyber security and ensure that antivirus and other protective measures are up to date and operational.

This publication is for informational purposes only. It is not intended to be exhaustive nor should

any discussion or opinions be construed as compliance or legal advice. In relation

to any particular problem which they may have, readers are advised to seek specific advice. Further, the law may have changed since first publication and the reader is cautioned accordingly.

WannaCry Ransomware Attacks Impact 200,000 Users in 150 CountriesUsing a tool that was allegedly stolen from the U.S. National Security Agency, cyber criminals exploited a flaw in Microsoft’s Windows system in order to spread malware dubbed WannaCry. Initial reports indicate that the WannaCry attack used ransomware to hijack computer systems and demand money in the form of bitcoin, a type of digital payment system.

The attack, which took place in early May, has impacted over 200,000 users in at least 150 countries who hadn’t installed a security patch Microsoft Corp. released back in March. Notable victims include Britain’s National Health Service, FedEx Corp., Nissan Motor Co., Renault SA, and a number of banks and universities.

How Does WannaCry Work?

The virus itself contains two parts. The first part is the ransomware, which locks a computer and then displays a message demanding money.

The other part is the “spreader.” In essence, after a user opens an infected email attachment, the spreader transmits itself to other computers on the network.

The ransomware initially requests around $300 and, if no payment is made, it threatens to double the amount after three days and delete files within seven days. Once it infects one computer in a network, WannaCry can spread within seconds.

Because data security professionals often focus on blocking hackers from entering a system, in-network security measures tend to be more relaxed. As a result, WannaCry was easily able to exploit common file-sharing practices of employees in order to spread the virus quickly from computer to computer.

The WannaCry attacks illustrate the importance of ensuring that any and all software patches are up to date. In addition, every employee should be trained on cyber security and instructed to never click on suspicious emails or attachments.

Other precautions include updating your network, implementing the appropriate software patches, turning on auto-updaters and avoiding links from sources you don’t recognize.

6 Considerations When Buying Cyber InsuranceAs more and more companies have experienced data breaches in recent years, the market for cyber insurance has grown exponentially. However, unlike other forms of insurance, cyber insurance is not a one-size-fits-all approach.

Most cyber policies are offered a la carte, allowing policyholders to negotiate terms and conditions and purchase the coverage that fits their needs.

The level of coverage your business needs can vary depending on your range of exposure, and it’s important to work with a broker who can tailor a policy to match your business’s requirements.

The following are items to keep in mind when building the ideal coverage:

1. Limits and sublimits

2. Retroactive coverage

3. Exclusions

4. Panel provisions

5. Consent provisions

6. Vendor acts and omissions

Cyber insurance is a relatively new form of coverage—one that will continue to evolve alongside emerging cyber threats. As such, cyber insurance requires organizations to be proactive in assessing their risks and ensuring that their insurance coverages are in line with their specific business practices and exposures.

For more information on the items discussed above and how they may impact your policy, contact your insurance broker today.