We’re now frequently hearing about large Government departments and corporations being targeted by cyber criminals, both in Australia and overseas. Consequently, there has been a dramatic increase of Ransomware and Social Engineering notifications and claims currently being experienced by Cyber Insurers.
The more common social engineering scams are used by hackers to deceive and manipulate victims into giving out confidential information and funds. These hackers exploit individuals’ trust in order to discover their banking details, passwords or other information to cause a payment to be made to the hacker’s bank account. The scams are predominantly carried out online, for example by email or through social networking sites, however, they can occur by telephone or in person. There are numerous well-known types of social engineering scams that includes supplier invoice fraud, data theft, phishing attacks or hacking of email accounts.
However, Cyber attackers are also evolving their business models to create more sophisticated, three-staged attacks. They use data exfiltration and encryption, followed by extortion, to steal organisations funds. The stakes are much higher and quite often, a business doesn’t fully appreciate the value of all its assets and the attractiveness of them to cyber criminals, until they’re sabotaged.
Businesses need to:
• Understand their information assets and data
• Assess their material risk and vulnerabilities
• Update business critical systems and test data backups
• Classify information assets and third-party arrangements
• Test and update incident and breach response plans
• Ensure logs capture useful information for incident investigations
• Establish rigorous oversight of outsourced services and third-party risks
• Implement continuous awareness training programs.
The Australian Cyber Security Centre (ACSC), run by the Australian Federal Government, has an informative website for all Australians to access with ideas & guides on how to keep Cyber safe, including the ability to report a Cyber Crime. You can access this website here:
https://www.cyber.gov.au
ACSC have also produced a Small & Medium Business Cyber Security Guide that is worthwhile reviewing.
https://www.cyber.gov.au/acsc/view-all-content/publications/small-business-cyber-security-guide
We hope you find these resources valuable reading, however the final line of defence for your business is to invest in a Cyber Insurance policy that can also include cover for criminal financial loss & social engineering theft.
Planned Cover have access to many Cyber Insurer’s policies and is able to assist you with sourcing the best cover for your business’s needs.
If you would like any further information or would like to discuss Cyber Insurance covers please contact your Account Manager or State Branch.
