Companies should be wary of being a little phish in a big ransomware pond

Companies should be wary of being a little phish in a big ransomware pond | Insurance Business

Companies should be wary of being a little phish in a big ransomware pond

With data breaches and ransomware attacks bringing some of the biggest companies to their knees in recent months, it’s clear that the cyberattack threat is continuing to increase as hackers become more sophisticated with their weapons of attack.

“The latest development in ransomware was Ryuk – the group uses bespoke malware and breach of the target network to significantly reduce the potential for recovery. With this additional effort came higher ransoms of £250,000-plus (approx. CA$400,000). We dealt with approximately 30 such incidents, all of which occurred just before Christmas,” said Mark Hawksworth (pictured above), global technology specialist practice group leader at Sedgwick. “The targets were widespread from logistics and service companies to printers and manufacturers. The common factor was that they were all high turnover – £40 million-plus (approx. CA$64 million).”

Small and medium-sized businesses are also vulnerable to cyberattacks, added Hawksworth, because there is usually a disconnect between these businesses and their IT service providers.

Since many hackers gain entry to companies’ networks through the practice of phishing, the best tactic for any and all businesses to defend against hackers lurking in suspicious emails is a lot more education. For one, phishing emails will be sent from addresses that don’t match the company name and the recipient might not be named specifically in the email. The email itself might also contain poor spelling and grammar, and it might be signed off by ‘The Webmaster’ or another name that doesn’t make sense.

“Placing emphasis on awareness by an organization’s leadership team is vital – education for all colleagues [focusing] on what to look out for is fundamental,” said Steve Crystal (pictured below), head of financial crime at Sedgwick. “It’s incumbent on each of us to work in a way that protects against risks and threats, and setting that tone from the top is key.”

That can be tough, however, because the phishing technique uses emails that often appear to originate from a trusted source or familiar brand, and at first glance the email appears authentic, resulting in a temptation for the recipient to be tricked into entering valid credentials on a counterfeit website.  

Read more: Brokers at risk due to lack of cyber insurance uniformity

“Businesses need to be mindful that often the email is sent to thousands of people, with the odds being that some of the recipients at least will be expecting some sort of contact from the genuine organization,” said Crystal.

While companies should be directing more energy into spreading awareness around phishing and what it looks like, brokers, too, can help their clients by providing a clear explanation of the full scope of their insurance, and educating themselves on what's covered and what's not in modern cyber policies.

“Simply put, they need to check if the policy fulfils their clients’ needs. The biggest issue we face when dealing with cyber claims is if the broker has purchased the wrong cover or if the limits are too low,” said Hawksworth.