Looking back on 2018, it’s hard not to dwell on the reports of cyberattacks that have dominated the news and that, unfortunately, show no signs of slowing down. A recent report from The World Economic Forum (WEF) put cyberattacks first on the list of concerns for business leaders, ahead of terrorist attacks, weapons of mass destruction, and extreme weather. In 2019 we will no doubt see a staggering rise in losses due to cybercrime – in fact, damage related to cybercrime is projected to hit $6 trillion annually by 2021.
Where previously some of the prime targets of cyber criminals have been banks and financial institutions, their focus has now shifted as these security-savvy organisations have begun heavily investing in more sophisticated cybersecurity protection. This is bad news for other sectors, as cyber criminals turn their attention to organisations with a less mature security posture. Cyberattacks on the insurance industry, for example, are increasing (Accenture estimates the average insurance company will experience more than three effective attacks per month), and this is hardly surprising when the global insurance industry is estimated to be worth close to $1 trillion annually. While insurers are focused on providing protection for other businesses, they themselves seem to be wide open to becoming the target of the next big data breach.
In order to effectively offer coverage and protection to their customers, insurers must be sure that their own cybersecurity is up to the task. Unfortunately, it’s less a case of whether you will be attacked, but a question of when an attack will happen.
The landscape of cybersecurity risk
Worldwide regulatory bodies have been forced to take action in light of the growing threat to individuals’ personal data. Financial services and insurance organisations are now subject to rigorous cybersecurity compliance regulation, such as the GDPR, which places the burden of ensuring adequate data protection on the companies themselves.
As services become increasingly digitised, and combined with distributed service models, there are a host of cyber threats facing insurers, both large and small. Yet many have a lot of catching up to do in terms of shoring up their security infrastructure. Below we list some of the top threats facing the insurance sector:
The top three cyber threats
- Malware and Ransomware
Through man-in-the-browser techniques, keystroke logging, and form grabbing, malware allows attackers to steal their victim’s information. Once an attacker obtains a user’s credentials they can perform fraudulent activities in their name. Ransomware allows an attacker to hold personal data to ransom, and, worryingly, ransomware as a service (RaaS) is a growing business model.
- Insurer-driven risk
Insurers, like many companies, are investing heavily in consumer services and mobile applications for their customers. This may enhance the customer experience, but the more services there are, the broader the attack window.
- Distributed Denial of Service (DDoS)
The largest ever DDoS attack took place at the start of 2018, hitting 1.7 Terabytes per second (Tbps), and it is predicted that more and more insurers will be targeted with such attacks, paralysing their systems and leaving the door open for criminals. DDoS attacks can cause significant damage to insurers through disruption, combined with significant remediation costs and customer compensation.
Other threats to protect against include ‘hacktivism’, the process of hackers attacking insurers because of grievances held against a particular organisation; and cryptomining, in which, thanks to the popularity of cryptocurrencies, hackers target powerful computational resources in order to mine for cryptocurrencies. This mining pool negatively affects the host’s performance due to computational overload, and an infection may go undetected for many months. Site impersonation and spoofing to gain valuable customer information is also a pervasive problem.
So how can insurers protect themselves and their customers?
Ultimately, it all comes down to making the right investments. Insurers need to stay one step ahead of their attackers. Innovation within the company and collaboration with external suppliers helps assess and strengthen an organisation’s cyber resilience in critical areas.
While making sure your cybersecurity infrastructure is up to date and managed effectively is important, threat intelligence also plays a key role when it comes to protecting insurers from cyberattacks, meaning you can direct scarce cybersecurity resources where they are most needed.
Worldwide, most IT teams lack the technology and resource to automate threat collection, correlation and analysis. Threat intelligence, however, allows security teams of all sizes to focus their resources – which are often limited – on the most crucial threats targeting their networks and infrastructure. It can also crucially help insurers define what is of interest to attackers, where these assets are located and how they can be accessed and protected.
Proactive threat detection and monitoring through threat intelligence should be supplemented by a process of continuous cyber-hygiene: practices and steps that users of computers and other devices can take to maintain system health and improve online security within the organisation. This can help prevent attacks as well as mitigate their impact when one happens. To do this, insurers need to create a culture of cybersecurity, training employees so they recognise the importance of cybersecurity and understand the basics, such as password protocol, policies and processes that need to be adhered to.
Cybersecurity is everybody’s job – not just the remit of the IT team. The sooner insurers realise this, the more secure the information they hold will be, ultimately ensuring the safety and trust of their customers.
The above was an opinion piece written by Liv Rowley, threat intelligence analyst, Blueliv. The views expressed within the article are not necessarily those of Insurance Business.