A recent cyberattack on a major software provider for the payroll and pensions sectors has resulted in some of the UK corporate sector’s biggest names having employees’ data exposed, with names, addresses and banking details of over 100,000 people possibly in the hands of criminals threatening to publish these details on the dark web.
This major attack on large corporate sector businesses should remind SMEs that they may also be vulnerable. This breach exploited a system weakness and exposed a ‘zero-day vulnerability’ – one in which the attack exploited a previously unknown flaw in a system which allowed hackers access to extract data without being detected.
According to cybersecurity experts, the attack appears to have been carried out by an experienced hacker gang. The many people impacted are being warned to update passwords and be extra-vigilant about unexpected emails and phone calls. Stolen data is highly likely to be used for phishing activity and identity theft – scenarios where criminals send out devious requests for money transfers, banking details or other information that facilitates financial fraud.
Burying one’s head in the sand with regard to cybercrime is unwise. No business, of any size, is off the radar of cyber criminals. Selling consumer data into the dark web is profitable business, no matter where it has been harvested. If ransom money can also be earned from those seeking to prevent their data hitting the dark web, or wanting to have encrypted systems restored quickly, it’s even better news for the cyber criminals. Breaches create numerous opportunities to ‘earn’.
If the attention of online fraudsters falls upon your business, you would undoubtedly benefit from a combination of expert help from IT and cybercrime specialists, and may also need compensation for financial losses incurred. You might also have to defend a data protection case brought against you, if customer data is exposed.
Such situations leave some victims floundering, especially if businesses have no or limited cyber insurance cover, or have assumed that other types of insurance policy would pay out or step in, if an attack occurred. Some have no access to expert IT advice that can assist the minute a breach happens. As a result, they have no idea how to proceed, or how to source help, when they need urgent assistance.
This is why good quality cyber insurance is a must for all businesses, and why we would welcome the opportunity to discuss possible cyber chinks in your business armour. We can guide you through the various layers of cyber insurance protection and highlight what best suits your business, helping you make the right decision with regard to the cover you buy. Before this happens to you, get in touch. We can help you get the right cover in place, so that your business can react as fast as possible, and not go up in cyber smoke.
For more information about cyber insurance cover, feel free to call Ethan Jefferies on 020 8353 8969.
Ethan Jefferies Cert CII
Commercial Account Executive