Lloyd’s requirement for cyber war exclusion in Cyber Insurance policies is now a reality

Lloyd’s requirement for cyber war exclusion in Cyber Insurance policies is now a reality

Date

By March 2023, all cyber policies written by Lloyd's Syndicates and Lloyd's coverholders must include suitable war exclusions for losses resulting from state-backed cyberattacks, as announced by Lloyd's in August 2022. With this mandate in mind, the Lloyd's Market Association (LMA) developed four model cyber war exclusions as market standards. These exclusions exclude "cyber operations" and "war", both defined terms in the exclusions. The cyber war exclusion replaces long-standing war exclusions that lacked modern definitions and have become less relevant in the cyber world.

What Happened in the Not-Petya Cyber Attack


What happened in the “Not-Petya” attack in June 2017 best exemplifies the significance of the bystander cyber asset write-back. The US, UK, and Australian governments blamed the Russian military on behalf of the Russian government for the attack, which targeted critical infrastructure in Ukraine. The attack had an impact on some Australian businesses, including Cadbury.
With cyber-attacks on the rise and the lines between government-sanctioned actions and state-sponsored threat actors becoming increasingly blurred, protection for innocent bystander cyber assets is critical.


What is considered a cyber war?


A cyber war is a form of conflict between two or more nations or groups that involve the use of technology, particularly computer networks and the internet, to launch attacks on each other’s computer systems, networks, and infrastructure.

A cyber war may involve a wide range of activities, such as hacking, virus and malware attacks, denial-of-service attacks, and other forms of cyber espionage and cyber sabotage. The goal of these attacks may be to disrupt critical infrastructure, steal sensitive information, damage systems, or gain a strategic advantage over the opposing side.

The term “cyber war” is often used interchangeably with “cyber conflict” or “cyberattack,” but it generally refers to a more sustained and coordinated effort to disrupt or damage an opponent’s computer systems and networks rather than isolated incidents of hacking or cyber espionage.



Does the Australian government have a cyber war fund?


Yes, the Australian government has a cyber war fund known as the Australian Cyber Security Centre (ACSC) Fund. The ACSC Fund was established in 2016 to support cybersecurity initiatives and assist in protecting Australia’s critical infrastructure, networks, and systems from cyber threats. The fund is managed by the Department of Home Affairs and provides financial support for cybersecurity research, development, and education initiatives, as well as for the development and enhancement of cybersecurity capabilities within the government and the private sector. The fund is intended to support Australia’s efforts to defend against cyber threats, respond to cyber incidents, and build resilience against future attacks. Read more https://www.cyber.gov.au/acsc/small-and-medium-businesses

More
articles

What Is the Essential Eight Maturity Model

What Is the Essential Eight Maturity Model

Date

The Essential Eight Maturity Model is a framework developed by the Australian Cyber Security Centre to guide organizations in improving their cybersecurity posture. The model consists of eight mitigation strategies, including application control, patching applications, patching operating systems, privileged access management, endpoint protection, data backup, limiting lateral movement, and multi-factor authentication. The model is designed to help organizations assess their current level of maturity in implementing these strategies and provides guidance on steps to take to improve their cybersecurity posture. The mitigation strategies are considered essential because they can effectively address the most common cyber threats.

The Essential Eight Maturity Model

  1. Mitigation strategies
  2. patching applications
  3. patching operating systems
  4. privileged access management
  5. endpoint protection
  6. data backup
  7. limiting lateral movement
  8. multi-factor authentication

More
articles

Security risks in digital supply chain’s

Security risks in digital supply chain’s

Date

Production and supply chains are constantly yo-yoing in the midst of Covid-19life. From a digital perspective, Cyber supply chains are complex series of interactions across the lifecycle of all products and services used by an organisation. Think every time your business interacts with a supplier, orders from a manufacturer, distributor or retailer there is an inherent risk.

What happens if a one of these interactions or partners are targeted by cybercriminals? Supply chain risk mitigation is an essential component of risk management strategies and information security programs.

The more a business adds to its online ecosystem, the more opportunity cybercriminals have. Digital risks are the unavoidable byproduct of digital life, and when unaddressed, these risks can develop quickly into supply chain threats such as Ransomware attacks, Security breaches, Malware infection, and Intellectual property theft. But the risk for Cyber Supply chains dont stop there.

With many organizations relying on outsourcing to handle at least some aspects of their day-to-day operations, third-party risk should be front of mind. Supplier fraud, or vendor fraud events are becoming increasingly difficult to identify, as fraudsters commonly adopt advanced social engineering techniques, using everything from AI-generated voicemails and Deepfake video recordings. Fraud is still on the rise since its sudden prevalence during the pandemic. Australians have lost over $270,000 to these scams so far this year, an increase of 301%.*

Finally, Data integrity throughout the supply chain is a significant area of security concern. Security measures should ensure all data states are secure. Data encryption practices are especially important between third-party integrations because hackers know that a target’s third-party vendor likely has access to their sensitive data. Earlier this month, Email marketing service Mailchimp revealed a data breach that resulted in the compromise of an internal tool to gain unauthorized access to customer accounts and stage phishing attacks.

Cyber insurance can help cover financial losses to your business, your customers and other parties following a cyber security breach. It is important to understand the PDS of the Cyber policy chosen to ensure you are adequately covered, as not all policies offer protection from all the security risks noted.

Speak to our team to find out how we can assist business owners with peace of mind and protection against cyber-attacks, such as computer hacking, ransomware and data theft. Keep in mind, what is covered and what is excluded will vary between policies, it is important to work with your Cyber Insurance Comparison Broker to ensure your Cyber policy is suitable for your needs.

Article originally shared via Ausure.com.au

More
articles

Cyber Threat – What is the vulnerability log4j?

Get Cyber Quotes For Your Business

Cyber Insurance Comparison – Compare leading Australian Insurers like AIG, Allianz, Brooklyn Underwriting, CGU, Chubb, Dual, Emergence and Zurich.

What is the vulnerability log4j?

Log4j is used in many forms of enterprise and open-source software, including cloud platforms, web applications and email services, meaning that there’s a wide range of software that could be at risk from attempts to exploit the vulnerability.

What we know

A member of Alibaba’s cloud security team discovered a dangerous vulnerability known as Log4Shell, which has affected the likes of iCloud, Steam and Minecraft–and poses a real threat to businesses more generally.

What is the vulnerability in log4j?

The vulnerability can be exploited by using a single line of code and allows attackers to execute remote commands on a victim’s system. It can be exploited by attackers to take control of any Java-based web server and carry out remote code execution (RCE) attacks.

Actions to take

  1. Install the latest updates immediately wherever Log4j is known to be used

This should be the first priority for all organisations using software that is known to include Log4j.

  1. Discover unknown instances of Log4j within your organisation

To support the first priority action above, you also should now determine if Log4j is installed elsewhere. Java applications can include all the dependent libraries within their installation.

  1. If you are a developer of any affected software, the ACSC advises early communication with your customers to enable them to apply mitigations and install updates where they are available.

Assistance / Where can I go for help?

The ACSC is monitoring the situation and is able to provide assistance and advice as required. Organisations that have been impacted or require assistance can contact the ACSC via 1300 CYBER1.

Could a cyber risks cause disruptions to critical business infrastructure

Cyber Risks to critical business infrastructure

When a scheduled flight of a wide-body airliner is cancelled it can cost the airline up to $43,000. So you can imagine what kind of day executives at LOT, the Polish national airline, were having last year when 20 flights were cancelled after computers that issue its flight plans were breached.

“The aviation industry’s growing reliance on data networks, and onboard computer and navigation networks, is rendering it increasingly vulnerable to cyber risks,” says Erlend Munthe-Kaas of Bloomberg Intelligence. “Airlines rely on computers for almost every aspect of operations. As a result, cyber incidents can have devastating consequences, including business interruption and loss of reputation.”

“There’s beginning to be a shift beginning to educate businesses to see the wider, deeper cyber risks picture that in many cases has gone unacknowledged.”

Think of it as cyber creep. The risks aren’t just about protecting your customer’s data, although that remains important. They are insinuating themselves into every nook of your business, creating the possibility of mass disruption to operations and critical infrastructure. As the world becomes more connected, and businesses rely more on machine-to-machine communication and automated manufacturing, the cyber risks pile up. One day, production might grind to a halt. Critical transactions might not take place. Shipments could be steered to incorrect destinations. Planes might not take off.

(more…)

Cyber Attacks Rise In Australia

Cyber Attacks Rise In Australia

Cyber Attacks on the Rise

Over the 2020-2021 financial year, the coronavirus pandemic forced businesses to expand the boundaries of Australia’s computer networks, pushing corporate systems into homes across the country as a large percentage of the workforce shifted to working remotely. 

September saw ACSC annual cyber threat report released with contributions from the Defence Intelligence Organisation (DIO), Australian Criminal Intelligence Commission (ACIC), Australian Security Intelligence Organisation (ASIO), The Department of Home Affairs and industry partners.

Cyber “actors” repeatedly took advantage of Australia’s heightened vulnerability during this time to conduct cyber espionage, steal money and sensitive data.

The ACSC received over 67,500 cybercrime reports, an increase of nearly 13 per cent from the previous financial year. The report cites cyber-attacks are occurring (on average) every 8 minutes. The average loss for per successful event has increased to more than $50,600– over one-and-a-half times higher than the previous financial year.

It’s no longer just big businesses being targeted either. Small to medium businesses; families and individuals were all targeted by criminals or actors. Malicious actors exploited the coronavirus pandemic environment by targeting Australians’ desire for digitally accessible information or services.

Emails were regularly associated with COVID-related topics, encouraging recipients to enter personal information to access COVID-related services or information. Over 1,500 cybercrime reports of malicious cyber activity related to the coronavirus pandemic (approximately 4 per day).

Australian businesses are losing significant amounts of money through Business email compromises. Business email compromise often involves cyber criminals compromising a business or personal email account and impersonating a trusted supplier or business representative to scam victims out of money or goods.

Total losses were approximately $81.45 million (AUD) for the 2020–21 financial year, an increase of nearly 15 per cent from the previous financial year. Average loss per successful Business email compromise transaction also increased, by 54 per cent – in one case, Business email compromise led to the bankruptcy of a company.

Ransomware still poses one of the most significant threats to Australian Businesses. The report details a 15% increase in ransomware cybercrime reports over the 2020-2021 financial year. Along with Fraud, online shopping scams and online banking scams were the top reported cybercrime types. The highest proportion of cybercrime reports made in the 2020–21 financial year were made from entities or individuals in Queensland and Victoria, accounting for approximately 30 per cent each.

Cyber insurance can help cover financial losses to your business, your customers and other parties following a cyber security breach. Speak to our team to find out how we can assist business owners with peace of mind and protection against cyber-attacks, such as computer hacking, ransomware and data theft.

How to protect yourself from cybercrime

How to protect yourself from cybercrime

While you’re on your phone or laptop, would you like a crash course on cybercrime and how you can be protected? If the answer is no, then you probably already have cyber insurance cover on your business or home. If yes, read on...

What is cybercrime?
Basically, it is identity theft, online scams, cyberbullying and financial fraud, committed via computers or other digital devices.


Who does it relate to?
These numbers tell the story. Maybe you are less exposed if you live in a cave, off the grid in the middle of Australia with no phone and internet. But even then, you have some details recorded on the internet like your Tax File Number, and registered address for your cave…

sourced from Emergence

Even if you take out cyber insurance, what are your responsibilities?
Don’t re-use passwords or share passwords. Make sure to use multi-factor authorisation, like when you get a verification code as an SMS. Aside from that, generally, be vigilant, ensure you’ve installed good anti-virus software on your devices and don’t open links you’re unsure of. We can all do more, but this is a good start

Small business claim example

Compare Cyber Insurance Policies 5 Staff

Compare Cyber Insurance Policies $1M turnover

BACKGROUND

The Insured’s employee inadvertently misplaced a company laptop, which contained a list of 1000 client tax records and credit card details.

OUTCOME

A total cost of $250K was paid for the cost of notifying the affected individuals and the privacy commissioner of the data breach. This also included the costs incurred in retaining a Public relations firm to assist the insured in re-establishing their business reputation. 

Payment: $250,000

Cyber Crime

If you’re reading this article and you’ve never thought about protecting yourself, your family or your business against cyber offences,

Share This Post

More To Explore

News

Lloyd’s requirement for cyber war exclusion in Cyber Insurance policies is now a reality

By March 2023, all cyber policies written by Lloyd’s Syndicates and Lloyd’s coverholders must include suitable war exclusions for losses resulting from state-backed cyberattacks, as announced by Lloyd’s in August 2022. With this mandate in mind, the Lloyd’s Market Association (LMA) developed four model cyber war exclusions as market standards. These exclusions exclude “cyber operations” and “war”, both defined terms in the exclusions. The cyber war exclusion replaces long-standing war exclusions that lacked modern definitions and have become less relevant in the cyber world.

News

What Is the Essential Eight Maturity Model

The Essential Eight Maturity Model is a framework developed by the Australian Cyber Security Centre to guide organizations in improving their cybersecurity posture. The model consists of eight mitigation strategies, including application control, patching applications, patching operating systems, privileged access management, endpoint protection, data backup, limiting lateral movement, and multi-factor authentication. The model is designed to help organizations assess their current level of maturity in implementing these strategies and provides guidance on steps to take to improve their cybersecurity posture. The mitigation strategies are considered essential because they can effectively address the most common cyber threats.

Refresh your Cyber Security habits

3 Tips for Cyber Security

Cyber security may not be the most exciting topic, but it is extremely important and it is everyone’s responsibility. There are some really basic things you can do to really increase your own security, both when doing business, as well as in your personal life.

Cyber Security

Cyber Security Tips

3 Tip for Cyber Security

Cyber security may not be the most exciting topic, but it is extremely important and it is everyone’s responsibility. There are some really basic things you can do to really increase your own security, both when doing business, as well as in your personal life.

Don’t reuse passwords

I’m sure you hear this one a lot, but a lot of times it’s not explained why!

Let’s say you sign up for the website www.reallyfancyclothes.com to do some shopping. You use your Gmail email address and the same password as the email address. Two months later, news breaks that reallyfancyclothes.com had their customer database hacked and all emails and passwords were stolen.

These hackers will use programming to test all those email/password combinations. Within a few minutes, they are in your Gmail account, because you haven’t secured it with multi-factor authentication!

Now that these hackers are in your Gmail, they are able to see what other websites you’ve signed up for. They can start either logging in using that same stolen password or doing a password reset to your email that they are logged into. Soon, all your accounts are stolen and you’re completely locked out of everything!

Always use Multi-Factor Authentication

You’ll notice in the above that I specified that the hackers were able to enter due to no Multi-Factor Authentication (MFA).

This is critical and is one example of why IT people use the term “defence in layers”.

Should you make the cardinal mistake of reusing passwords, you may still be saved by having MFA.

You will be familiar with this, it’s where you get a text with a one-time-use code, or you need to open an authentication app to get a short-lived code. MFA is not fool-proof, and there have been cases of people using social engineering to bypass these – but that’s why you have layers of security!


Never share passwords

Sometimes it may seem super easy and convenient to give your password to someone to log into your computer for you, but this is another cardinal sin of cybersecurity.

Once someone else knows your password, your account is no longer considered secure. You never know how that person is keeping that password (Did they write it down on a sticky note on their screen? Are they giving it to someone else to log in to?), and you can never know exactly what they will do under your login. And it’s not a stretch to imagine that someone working nearby may overhear your password, and then they can log into your account and wreak havoc!

 

David Boyes

Ausure’s Cyber Security Team Lead

Compare Cyber Insurance Policies

Compare leading Australian Insurers like AIG, Allianz, Brooklyn Underwriting, CGU, Chubb, Dual, Emergence and Zurich.

Compare Quotes

Cyber security is vital when working from home

In the wake of the pandemic outbreak, cyber insurance Emergence has released some details on how to manage cybersecurity for people working at home

On 11 March 2020, the World Health Organisation declared the outbreak of COVID-19 a pandemic, and the emergency has continued to escalate.

Businesses around Australia are seeking ways to protect their staff from COVID-19.

Working from home

Instructing staff to work remotely may be one way of minimising the spread of the virus. However, remote work arrangements can have security implications and cybercriminals may attempt to take advantage of that. We are already seeing COVID-19 scams being transmitted via text messages.

See Emergence’s LinkedIn for more information.

The cyber risks of flexible work arrangements could include malware infection, unauthorised access, data security, and insecure devices used by staff.

It’s important that businesses and their staff ensure remote access to business networks is secure, so they aren’t vulnerable and business information isn’t exposed.

How do I stay safe?

Ensuring good cyber security measures now is the best way to address the cyber threat.

Consider implementing these proactive strategies:

•    Review your business continuity plans and procedures
•    Ensure your systems, including virtual private networks and firewalls, are up to date with the most recent security patches
•    Implement multi-factor authentication for remote access systems and resources (including cloud services)
•    Ensure your staff and stakeholders are informed and educated in safe cyber security practices, such as identifying socially engineered emails and messages
•    Ensure your data is backed up daily and automatically
•    Increase your cyber security measures in anticipation of the higher demand on remote access technologies by your staff, and test them ahead of time
•    If you use a remote desktop solution, ensure it is secure
•    Ensure staff working from home have physical security measures in place. That minimises the risk of information being accessed, used, modified or removed from the premises without authorisation
•    Ensure your work devices, such as laptops and mobile phones, are secure
•    Ensure you are protected against Denial of Service threats.

Need more help?

The Australian Signals Directorate’s Australian Cyber Security Centre has produced some excellent advice to help businesses stay secure from cyber threats while managing remote workforces. Click here for more information or go to:
www.cyber.gov.au/news/cyber-security-essential-when-preparing-covid-19.

Coverage under Emergence’s cyber policy 

The Emergence cyber policy was designed with working remotely in mind. The policy covers IT infrastructure owned, leased, rented or licensed (for example, cloud or SaaS solutions) by the insured and used in conducting the insured’s business.

That means if a cyber event emanates from a computer or laptop or other device being used by the insured’s employees at home, the policy will respond to cover the cyber event for response costs, loss of profits and any potential litigation that may arise.

 

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

 

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on the inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

Cyber Criminals Using Social Engineering to Defraud Businesses

Social Engineering to Defraud Businesses

New research from US-based cybersecurity company FireEye, which analysed 1.3 billion phishing emails in Q1 2019, has found three big emerging trends.

Cybercriminals are increasingly using impersonation in phishing attacks, with the rate up 17% from Q4 2018, primarily by imitating well-known brands. Microsoft spoofs accounted for almost a third of the Q1 attacks, plus OneDrive, PayPal, Apple, and Amazon were impersonated. Cyber crims also impersonate CEOs and other senior corporate officers to request changes to bank account information.

A second trend is using HTTPS (hypertext transfer protocol secure) for malicious phishing sites, which jumped 26% in Q1 2019. HTTPS can give a false sense of security because there’s a misconception the protocol is only identified with legitimate, safe sites.

A third trend is hosting malicious files on trusted, cloud-based, file-sharing sites, such as Dropbox, Google Drive, and OneDrive. That means links don’t look suspicious and can get through email filters.

Gerry Power, National Head of Sales at award-winning Emergence Insurance, says social engineering advice is one of the most frequent requests from brokers seeking information for their clients.

 

Cyber Criminals Using Social Engineering to Defraud Businesses

Socially engineered theft or ‘hacking the human’ is a trending exposure in Australia and globally today. Most breaches are caused by employees opening phishing emails that have already made it through existing technology defenses.

It can take hundreds of days to find out you’ve been compromised. Clicking on one phishing email can enable a criminal to infiltrate a company’s system, escalate their access and privileges, and steal the company’s crown jewels, clean out the bank accounts, or develop fake invoices.

Gerry says many people think they’re adept at spotting scams, but the task is getting harder as cybercriminals broaden their reach and methodologies.

Organisations need better training and education and heightened awareness to get a step ahead. They also need insurance as a last line of defence.

Emergence’s Criminal Financial Loss cover option has been designed to provide cyber insurance protection for financial loss, be it cash, accounts receivable or securities associated with a company’s business being hacked or a social engineering attack causing direct financial loss from an electronic funds transfer to an unintended third party.

A cyber insurance policy is part of every successful business’s risk management framework, but it’s not the first line of defence against Social Engineering to Defraud Businesses.

Cyber insurance is designed to protect a business when its IT security, policies and procedures fail to stop an attack. But no amount of risk management can get you out of the sights of a determined cyber attacker.

FireEye’s report says threat actors are “doing their homework” and developing new variants of impersonation attacks that target new contacts and departments within organisations.

 

 

Source: Emergence

 

Compare Cyber Insurance

Cyber Insurance Comparison

 

Please note Cyberliabilitycomparison.com.au Insurance News is an information service sometimes provided by third parties Insure 247 Australia doesn’t warrants the accuracy of any information contained there in, readers should make their own enquiry’s before relying on information in the stories Terms of Service

 

Please note that any advice given has been provided without taking into account your objectives, financial situation or needs. It is also based on information we have obtained from you. You must ensure the information is accurate and complete. Otherwise, this advice may be based on the inaccurate or incomplete information. You should consider whether the advice is appropriate in light of your objectives, financial situation and needs

 

Cyber criminals are getting smarter at using social engineering to defraud businesses