
Cyber Attacks

Cryptocurrency Mining Malware, Dofoil, Infects 500k Computers in 12 Hrs


Over the course of 12 hours, a cryptocurrency mining malware was deployed to almost 500,000 infected computers. Microsoft researchers detected the attack, dubbed Dofoil (aka Smoke Loader), which attempted to mine Electroneum coins using victims’ CPUs.

When Microsoft’s Defender signaled its alert, over 80,000 computers were already infected, which raises the question: how did this malware spread so quickly and so widely without being detected? According to researchers, the trojan horse attack used a technique called “process hollowing,” which evades antivirus alerts by spawning a new instance of a legitimate process and swapping its code for malicious code, so the malware passes by unnoticed. Within 12 hours of this detection, over 400,000 computers were infected by Dofoil.

Microsoft’s Antivirus was able to mitigate much of this malware attack, using behavior monitoring and AI-based machine learning techniques to help detect and block this cryptocurrency mining attack.

As malware can spread from user to user like wildfire, usually stemming from malicious software attached to an email, it’s essential to equip your employees with best security practices. Head over to our Risk Management Tools page to learn more about our preferred vendors.

Additionally, if you’re a business looking for hacker insurance, utilize our Cyber Insurance Specialists for a FREE quote. If you’re an insurance broker looking to get appointed, click here.

If you’d like to read more about this recent malware attack, head over to The Hacker News.

That late night trip to Applebee’s might’ve provided more than half price apps


That recent late night trip to Applebee’s for half price appetizers might have resulted in your payment card information being exposed in this malware attack. According to RMH Franchise Holdings, of their 167 Applebee’s locations, 166 of them (across 15 states) suffered a data breach through their POS systems.

Although it’s still unclear how many customers were affected by the hackers, RMH stated that the data breach occurred between Nov. 23rd and Jan. 2nd, which could result in a massive amount of exposures. Consumers should avoid using debit cards to pay for anything because not only will funds immediately disappear from your account, but the recovery process is more tedious and troublesome than with credit cards.

Since the attack, RMH has contacted computer forensic experts, local law enforcement and potentially PR consultants and data breach attorneys, all billing at an hourly rate. Additionally, they are working with card issuers to track down and flag affected cards, which will most likely result in credit monitoring costs.

Business owners! Evolve MGA offers hacker insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Our team of Cyber Insurance Specialists is here to provide Free Quotes to business owners who are looking for coverage.

If you’d like to read more about this recent Applebee’s data breach, click here.

Municipalities, Local Governments, & Hospitals are Low Hanging Fruit for Hackers


Cybercriminals are getting smarter…but the victims aren’t.

To illustrate how easy it can be for some hackers, a small-town municipality in Washington suffered not one, but two ransomware attacks over the course of three months. The first attack resulted in $49k being wired to a hacker by the financial coordinator, who was fooled by an email scam. The second attack resulted in the municipality wiring $10k in Bitcoin just to regain access to the city’s computer system, which had been locked down.

Municipalities, local governments, and hospitals are seen as low hanging fruit to many cybercriminals, as their systems are usually outdated, employees are not versed in security practices, their bank accounts are attractive, and they lack awareness (hackers have been added to city payrolls and paid on monthly retainers). 

Having said that, hackers also undergo extensive research to ensure successful heists. They read and imitate writing styles, understand relationships and nicknames, and ultimately disguise themselves as the decision makers (in this case, the Mayor).

Evolve MGA’s hacker insurance protects businesses in the event they experience cyber attacks. Head over to our website to receive a FREE quote!

If you’d like to read more about this small town and the hacks they’ve had to deal with, click here.

Uncommon Common Sense: Cyber Sales

Evolve | Uncommon Common Sense | Mike Costello

“Ladies and Gentlemen of the class of ’99, wear sunscreen. If I could only offer you one tip for the future, sunscreen would be it. The long term benefits of sunscreen have been proved by scientists, whereas the rest of my advice has no basis more reliable than my own meandering experience. I will dispense this advice now.” – Baz Luhrmann (YouTube Song)

Most insurance brokers can sell ice to a polar bear, but their clients aren’t buying cyber… I’ve found the following techniques helpful when selling cyber. Hopefully, you will too.

1. Call it Hacker Insurance! It already feels good saying that, right? Why call it Hacker Insurance? The terminology, “Cyber Insurance” is broad, confusing, and doesn’t immediately connect with businesses. Hacker Insurance directly describes where all of the attacks originate… from hackers! Who would have thought sales would be this easy?

2. Follow the Losses: The #1 Attack… Ransomware! Most businesses will have heard of the term, “Ransomware.” Put simply, it’s just a virus that locks up data in demand for money. The Department of Justice reported an average of 4,000 of these attacks a day in 2016. Yikes! That’s a lot and it means THEY ARE WORKING. Which raises the following question… Why are these attacks so effective?

– There are 1,000’s of strains of ransomware and a lot are 100% FREE.

– Computer illiterate employees (we all know that person) are easy targets!

– Hackers know businesses have deep pockets and are looking for a quick pay day!

3. Follow the Losses: The #2 Attack… Wire Transfer Fraud! Businesses typically do not understand the terminology, “Social Engineering,” but “Wire Transfer Fraud” seems to resonate. In fact, most CFOs will have likely stopped a fraudulent wire transfer (via a phishing email) from happening in the past. When these attacks aren’t stopped, here’s how they usually go:

– 1st Party: Hackers steal the CEO’s actual email address login credentials and email the CFO from the CEO’s real email address with a wire transfer request.

– 3rd Party: Hackers will look to steal an employee’s actual email address login credentials and email clients to wire money to their fraudulent bank account.

4. Understand Coverage Basics: Cyber Insurance starts at $1,000 in premium. When RANSOMWARE happens, a cyber policy provides Forensic Experts, Data Breach Attorneys, Public Relations Experts, the Ransom Demand, and lost profits from Business Interruption and Lost Customers (reputational harm). When WIRE TRANSFER FRAUD happens, a strong cyber policy will be there to provide reimbursement. An itemized data breach calculator is a helpful tool to break out itemized costs.

5. Last, but not least, massive data breaches do not apply to most businesses! We’ve all heard of massive data breaches (Target, Equifax, etc). Guess what? SME businesses generally do not have large quantities of data, nor do they associate themselves with the publicly traded, multinational corporations that make data breach headlines. With that in mind… almost every business will use computers (ransomware) and wire money (wire transfer fraud)!

Evolve MGA provides hacker insurance that protects businesses in the event they experience similar cyber attacks. If you’re interested in receiving a hacker insurance policy, let our cyber insurance specialists equip your business or retail insurance broker with a FREE quote!

GitHub hit with the largest distributed denial of service (DDoS) attack…EVER!


GitHub — a popular software development platform — suffered the largest distributed denial of service (DDoS) attack ever recorded against a single website this past week. This DNS amplification attack resulted in a hit of over 1.35 terabits per second, which knocked GitHub offline a number of times since the attack began. An amplification attack like this occurs when cybercriminals spoof their IP address to look like their victim’s. The attackers sent fraudulent requests to memcached servers (memcached is a free and open source, high-performance, distributed memory object caching system), which are databases that are supposed to help speed up networks, but because they are public to the internet, they are inadvertently exposed and often subject to attack.

Due to the manipulation abilities of an amplification attack, GitHub’s server was pinged by what it thought were normal requests, but instead, the response packets were much larger than the original queries, so an attacker with 1-gigabit-per-second capacity ultimately launched a 100-Gbps attack. According to Akamai, a cloud computing services company, when an attacker performs an amplification attack against thousands of memcached servers, you get a “memcrash” as huge amounts of data are sent against the unsuspecting victim by the gullible servers.

According to the article, GitHub wasn’t the only website (company) to experience this DDoS attack, which has led to these companies scrambling to 1) find out who is responsible for this massive attack, and 2) work out how to stop something like this from happening again (an attack that, according to security experts, will occur more frequently and with larger consequences).


If you’d like to read more about this DDoS attack, click here.

23,000 digital certificates potentially caught in a Man-in-the-Middle attack!


23,000 digital certificates were “compromised” after a plain-text email sent from Trustico to DigiCert contained private keys that were supposed to be revoked by DigiCert. Although it’s unclear if any businesses were actually attacked due to this security scramble, it has been communicated that all of these certificates could be at risk of being exposed to malware or a man-in-the-middle style attack.

In short, digital security certificates create an encrypted connection utilized by consumers and businesses through security applications of public key infrastructure (PKI). PKIs are made up of technology that enables secure e-commerce and internet based communication, but if the browsing traffic is intercepted (man-in-the-middle) and the traffic is decrypted, hackers can expose the information and ultimately infect the victim’s computer or system. In the event that a hacker uses digital certificates to push malware, the cybercriminal can manipulate the code so that your computer or device accepts (trusts) the malicious Trojan code as legitimate.

Evolve MGA’s hacker insurance protects businesses in the event they experience cyber attacks. If you’re not insured or you’re looking to get the broadest cyber insurance policy on the market, our cyber insurance specialists are here to provide you a FREE quote!

Coldroot is a nasty, undetectable cyber RAT used to steal your credentials!


To no surprise, malware threats have gotten to the point where they can skate by antivirus engines without being detected, despite being available on underground markets for years. Coldroot, a cross platform remote access trojan (RAT), was uploaded to GitHub in March of 2016 and has been widely used to target macOS, Linux, and Windows systems to steal user credentials.

According to Digita Security, the RAT disguises itself as an Apple audio file titled “com.apple.audio.driver2.app”. Once clicked, the malware prompts the user to enter their credentials, which then accesses the user’s database and performs widespread keylogging attacks. In addition to accessing passwords, the malware can essentially control the user’s computer by renaming and deleting files, executing or killing processes, uploading and downloading documents, and remotely viewing the user’s screen in real time, which ultimately puts individuals and businesses at risk of being exposed.

Evolve MGA’s hacker insurance protects businesses in the event they experience cyber attacks. If you’re not insured or you’re looking for a broader cyber policy, our cyber insurance specialists are here to provide FREE quotes!

If you’d like to read more of this article, click here.

Financial loss associated with cyber crime is progressing at an exponential rate


It’s no surprise that as cyber attacks become more and more common, so do the reports surrounding financial losses among companies and industries as a whole. Security firms like Accenture and Ponemon Institute are continuously educating the masses with their research in order to shed light on the increasing risks associated with cyber attacks. Throughout the past years, wire transfer fraud, ransomware, and malware have become arguably household names due to the popularity of these attack strategies and the lucrative results that hackers have gained from them.

Since the establishment of Evolve MGA, we have been educating insurance agencies and companies about the importance of hacker insurance. Studies continuously show that cyber attacks are increasing in number, as well as in the magnitude of each attack. Hackers are becoming more innovative and bullish when it comes to not holding back, which, if companies are not prepared, can have disastrous effects on companies of all sizes.

Accenture and Ponemon Institute’s report, 2017 Cost of Cyber Crime Study, depicts the rate and expense at which companies in particular industries are affected by cyber attacks. Based on the average annualized cost by industry sector (in $ millions), the financial services sector was found to incur cyberattack-induced cost of nearly $18.3 million per firm in 2017 following on from an increase of 10 percent year-over-year, and 40 percent since 2014, according to the report. Rounding out the top 3 affected industries were the utilities and energy ($17.2 million), followed by aerospace and defense ($14.5 million).

According to the report, malware and web-based attacks were pegged as particularly costly from among nine attack methods under review, as the annualized costs faced by companies due to specifically these types of attacks reached $2.4 million and $2 million, respectively.

All in all, this report provides the macro view of the direction and speed at which cyber attacks are progressing, which ultimately leads to more and more businesses being at risk of experiencing a breach of some sort. Contact our team to learn more about the benefits of being equipped with hacker insurance and head over to our homepage to receive a FREE Quote.

If you’d like to learn more about this report and a particular industry, click here!

What happens if hackers use Artificial Intelligence to automate cyber attacks?


Artificial intelligence creates opportunity to improve automation and streamline business, but what happens when automation gets hijacked by cybercriminals? A recent study explains why researchers at Yale, Oxford, and Cambridge fear that advancements in artificial intelligence can cause malicious users to target autonomous vehicles, drones, and commercial technologies with automated malware attacks. 

In doing so, malicious uses of AI can pose substantial risks to cyber security through large scale and highly efficient cyber attacks on businesses of all sizes.  On the contrary, businesses like OpenAI are focusing on creating friendly AI to benefit humanity. All in all, advancements in AI will almost certainly put more businesses at risk of being exposed by malicious malware attacks, which if not protected with hacker insurance can result in lots of $$$ in repercussions. In addition to cyber coverage, businesses can defend themselves by equipping team members with best standard security practices.

Check out our risk-management page to learn different ways to increase end user awareness.

If you’d like to read more about how the advancements of AI can potentially affect cyber attacks, click here.

Not even Elon Musk can stop Tesla from being hacked


Not even Elon Musk can stop a cyber attack from happening! Unbeknownst to Tesla, a crypto-mining malware had been using one of Tesla’s AWS cloud servers for computing power to mine on the popular Stratum bitcoin mining protocol. RedLock, the security firm that discovered Tesla’s vulnerability, stated that because Tesla’s server was open sourced and not protected by a password, the hackers were able to access the server and deploy their scripts to conduct their crypto-jacking operation, as well as potentially steal sensitive information from Tesla.

Although it’s difficult to determine how long the cybercriminals were exposing Tesla’s servers, this attack reinforces the importance of hacker insurance for businesses, regardless of size. Malware attacks have become increasingly popular throughout the past years. So much so, that Juniper Research predicted that the rapid digitization of consumers’ lives and enterprise records will increase the cost of data breaches to $2.1 trillion globally by 2019, increasing to almost 4x the estimated cost of breaches in 2015.

Evolve MGA’s hacker insurance protects businesses in the event they experience cyber attacks. Head over to our website to get appointed and receive a FREE quote!

If you’d like to learn more about this data breach, click here.