Skip to main content
Category

Cyber Attacks

evolvemga
In Cyber Attacks

Chinese Shipping Company Hit With Massive Ransomware Attack!

Evolve MGA Cyber Insurance

The Chinese shipping and logistics company, Cosco was recently hit with a massive ransomware attack, which resulted in eight of their major offices knocked offline. According to the China Ocean Shipping Company, they were able to stabilize their networks across the 27 offices they have in North and South America, which were initially shut down to investigate the attack.

According to Cosco, they have implemented contingency plans, such as transfer of operations and conducting operation via remote access, to ensure continuous service in the Americas. During the network failure period, there could be delays in service response in the Americas. As we have seen in the past with similar attacks, businesses being affected by network vulnerabilities result in business interruption, financial losses, and reputational harm.

Had Cosco had a cyber insurance policy in place, it’s likely that they would be protected from business interruption, financial loss, as well as additional expenses associated with any cyber attack.

Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more about this ransomware attack, click here.

evolvemga
In Cyber Attacks

Best Ways To Prevent Your Business From Being Hacked

Evolve MGA Cyber Insurance

Regardless the size of your business or the industry in which you do business, it’s inevitable that a hacker or cybercriminal group has or will attack your business in some way or another. With innovation and advanced skills comes automation and a means to target businesses utilizing brute tactics on a grand scale. However, according to cyber security analysts, there are ways to protect your business from being the next victim of a malware, ransomware, DDoS, or crypto-jacking attack.

Some important ways to protect your business from cyber attacks:

  1. Install password protected hardware that will secure your sensitive data and reinforce your security with 2 factor authentication. If your data is not protected in the cloud, make sure hard copies of your data are tightly guarded as well…you wouldn’t want someone to literally walk away with your sensitive information.
  2. Make sure to encrypt your data to ensure that it has additional protection in case someone happens to steal your information. These days, advanced encryption services exist which if stolen, will make your data incredibly difficult to breach for even some of the most innovative hackers.
  3. An important way to safeguard of your data and protect your business post ransomware attack is to consistently perform data back-ups. If you regularly schedule back-ups, your data will always be stored and up-to-date, so if and when a hacker infiltrates your network and attempts to stronghold your business with ransomware, you can avoid paying the ransom and upload your stored data.
  4. Install and implement some of the best cyber security tools on the market. As a first line of defense, these tools can help businesses stay on top of potential vulnerabilities. Head over to our resources page to learn more about some of the most effective tools on the market today.
  5. Educate your employees. In today’s digital environment, the email spoofing messages and attachments show up in inboxes all too often and without proper training, it is too likely that they will be clicked on. In turn, hackers will have the opportunity to then infiltrate and infect your network, ultimately costing your business money, resources, and interruption. Informed employees will protect the business from external threats.
  6. Lastly, implement a cyber security insurance policy on your business. Cybercriminals are proving day after day that they are smarter and more innovative than most cyber defense softwares, which ultimately puts more and more businesses at risk of being attacked. Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen.

 

evolvemga
In Cyber Attacks

LabCorp & HealthCare Industry Prove To Be Likely Cyber Attack Victims

Evolve MGA Cyber Insurance

LabCorp, a medical laboratory testing business, was hit with a cyber attack this past weekend that has resulted in the firm being offline, limiting customer access to sensitive information and delaying the testing process. According to reports, it’s not apparent why the cybercriminals attacked their IT network, but they were able to do enough damage to knock LabCorp offline, ultimately affecting their normal business operations.

According to LabCorp, there was no evidence of unauthorized transfer or misuse of data. LabCorp has notified the relevant authorities of the suspicious activity and will cooperate in any investigation. Despite the potentially minimal affects of this attack, it’s worth noting the increasing security exposures surrounding the healthcare industry in the past few years.

Additionally, had the medical laboratory testing firm had a cyber insurance policy in place, it’s likely that they would be protected from business interruption, potential financial loss, as well as additional expenses associated with any cyber attack.

Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more about this cyber attack, click here.

evolvemga
In Cyber Attacks

Severe Lapse in Security Has Resulted in HIV Patients Info Being Exposed

Evolve | Metro Public Health Department

Metro Public Health Department in Tennessee has been exposed to incredibly damaging exposure that has put thousands of HIV/Aids patients at severe risk of their sensitive information being leaked to the dark web. At time when the protection of consumer data has been a hot topic, this lapse in security surrounding personal and confidential information has resulted in outcry from consumers who are demanding stronger regulations surrounding the access and control of their data.

According to the Tennessean news site, for about nine months, information dating back as far as 1983 about individuals in Tennessee with HIV/AIDS was left accessible on a shared computer server open to all staff members at the Nashville Metro Public Health Department. This information was supposed to only be accessed by three data scientists, but according to reports, more than 500 employees had access to this confidential information.

In addition to identities of HIV/AIDS patients, the unsecured database allegedly contained Social Security numbers, birthdays, addresses, lab results and intimate details, such as whether individuals were gay, bisexual or transgender – and whether they ever used illegal drugs.

Post breach, we can expect data breach attorneys, computer forensic experts, and PR consultants, all billing at an hourly rate. Depending on their findings, notification and credit monitoring costs could follow. Lastly, if medical records were exposed, then a complete security risk assessment may be conducted by the Office of Civil Rights under the federal HIPAA legislation.

Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to learn more about this data breach, click here.

evolvemga
In Cyber Attacks

Are Hackers Trying To Steal Your Facebook Memories?

Evolve | Timehop

Social media app, Timehop, was hit with a data breach, affecting 21 million of its users which dates back since December of 2017. The social media app that pulls from your “memories” on Facebook and Instagram confirmed that the cybercriminals have access to names, email addresses, phone numbers, and most alarming, “access tokens”, which could allow the hackers to expose user’s social media accounts.

Although no financial information was stolen, reports indicate that 4.7 million users had their phone numbers attached to their accounts, which can be sold for more money on the dark web than names and email addresses. Timehop reported that a hacker accessed their cloud computing account, which wasn’t protected by two-factor authentication. This attack can potentially result in consulting from third-party forensic cybersecurity experts, PR consultants, and data breach attorneys, all billing at an hourly rate.

If Timehop had a cyber insurance policy in place, it’s likely that they would be covered from any type of financial loss related to this attack.

Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more about this data breach, click here.

evolvemga
In Cyber Attacks

Malware Smart Enough To Decide If Ransomware Or Crypto-mining Is More Profitable

Evolve MGA Cyber Insurance

Security researchers have discovered a new virus that is so advanced that it can decide if your computer is powerful and vulnerable enough to mining or ransomware. This new age variant of Rakhni ransomware infects computer systems by infiltrating the network, which it then evaluates the computer configurations to see if ransomware or crypto-mining is more profitable for the hacker.

As we’ve mentioned in the past, crypto-mining has recently become the most popular style cyber attack in 2018, but ransomware is still a likely attack as it can be incredibly profitable for cybercriminals. The difference between the two is:

Ransomware attacks typically lock computers for a “ransom” but doesn’t always guarantee a paycheck as some victims aren’t willing to negotiate with cyber criminals. On the other hand, hackers who access a business server, can utilize the networks CPU’s in order to mine the digital currency. Depending on the window of time and the value of the cryptocurrency, hackers can make a significant profit, especially if the business is unaware that their network is being exposed.

According to Kaspersky Labs, this new found malware is a variant of Rakhni ransomware, which has been upgraded to include cryptocurrency mining capability, which has provided cybercriminals the option of attack. The Rakhni malware is being spread using spear-phishing emails with an MS word file in the attachment, which if opened, prompts the victim to save the document and enable editing.

Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more about Rakhni ransomware, click here.

evolvemga
In Cyber Attacks

Make Way Ransomware, Crypto-Jacking Is Now #1 Cyber Attack!

Evolve MGA Cyber Insurance

If our posts about the various crypto-jacking attacks on businesses haven’t provided enough reason to believe the hype, numerous recent studies indicate that crypto-jacking attacks on businesses have surpassed ransomware attacks in popularity. If 2017 was the year of ransomware attacks, 2018 is quickly becoming the year of crypto-jacking attacks.

The craze surrounding cryptocurrency has created the opportunity for hackers to attack businesses in new and innovative ways. Either by infecting a network with a malicious malware that locks businesses out, which in turn provide the opportunity to request cryptocurrency payments without being traced, or leveraging a business’ server in order to utilize their CPU’s to mine cryptocurrency, there is no doubt that businesses need to protect themselves with proper security practices and a cyber insurance policy in order to stay in front of these attacks…which affect businesses of all sizes, across various industries.

According to Raj Samani, Chief Scientist at McAfee, “Attackers targeting cryptocurrencies may be moving from ransomware to coin miner malware, which hijacks systems to mine for cryptocurrencies and increase their profits,” which has increased over 1,000% in the first quarter of 2018. As mentioned cybercriminals are targeting all different types of businesses and leveraging different malicious strategies in order to get paid. For instance, the City of Atlanta was hit with a malware attack, which the hackers requested $50,000 in cryptocurrency in order to unlock their network, but the city officials didn’t oblige, which ultimately led to their systems and processes being deleted and $2,000,000+ in financial losses. Additionally, Tesla recently found out that hackers were utilizing an open AWS server to mine cryptocurrency for over a month without being detected.

All in all, hackers continue to find new and innovative strategies to attack businesses that appear to be low-hanging fruit, which in turn places a lot of pressure on businesses to update their systems, install proper cyber security, invest more time and resources in end-user training, and ultimately get protection from cyber specialists by putting a cyber insurance policy in place.

Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more about the rise of crypto-jacking, click here.

evolvemga
In Cyber Attacks

Typeform Hacked & Now Millions Of Users Are Exposed To The Dark Web

Evolve MGA Cyber Insurance

Typeform, a data collection that specializes in form building and online surveys for businesses around the world was hacked this past week, exposing sensitive information of its users. The Spanish based company recognized the data breach on June 27th and immediately hired a forensic investigation team (billing on an hourly rate most likely) to extract information surrounding the security vulnerability.

The cybercriminals who accessed their servers stole data backups for surveys conducted before May 3rd of this year with the likely plan to sell them on the dark web (although this wasn’t disclosed).

Typeform stated that they were quick to take action post breach, confirming that they patched the exposure and emailed all of the affected users warning them that they can be subject to potential phishing emails. In similar instances, companies affected by data breaches, especially those that get payment card information and detailed sensitive information stolen are subject to offer free credit monitoring services to all those affected as well.

It’s important to note that Typeform customers Adidas, Ticketmaster, and Monzo confirmed that partial customer information has been hacked as result of the Spanish data collection company’s data breach.

Although it’s not confirmed, Typeform can experience reputational harm and loss of financial profits if these major clients decide that they don’t want to work with them any longer due to this cyber attack.

Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more about this data breach, click here.

evolvemga
In Cyber Attacks

Ticketmaster Hit With Massive Data Breach, Exposing Millions Of Payment Cards

Evolve MGA Cyber Insurance

Ticketmaster, one of the largest ticket distribution and sales companies, experienced a data breach this past week, exposing millions of their customers. According to reports, the cybercriminals responsible for the cyber attack found a vulnerability in the automated customer support chatbot software (Inbenta Technologies) that the ticket distribution company uses to communicate with customers.

Ticketmaster, which is owned by Live Nation Entertainment, announced the severity of the attack, stating that not only could the data breach been exposing their customers since September 2017, but the hackers could have collected some very valuable information. The unknown third party that accessed Ticketmaster and possibly others under Live Nation, collected personal information, as well as payment card information on millions of customers.

This attack can potentially cost hundreds of thousands to millions of dollars, which could result in consulting from third-party forensic cybersecurity experts, PR consultants, data breach attorneys, and credit monitoring services, all billing at an hourly rate. Additionally, Ticketmaster can possibly experience business interruption losses due to losing trust from customers, as well as class action lawsuits from disgruntled customers.

Had Ticketmaster been protected with a cyber insurance policy, it’s likely that they would be covered for these expenses.

Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more about this data breach, click here!

evolvemga
In Cyber Attacks

Did You Know DDoS Attacks Can Cause Massive Losses in Profits?

Evolve MGA Cyber Insurance

Did You Know?

Distributed Denial of Service (DDoS) Attacks Can Cause Massive Losses in Profits..

What causes a Distributed Denial of Service (DDoS) attack claim?

The intent of a DDoS attack is to bring a website or web-based services down by bombarding the company with so much traffic that their services and infrastructure are unable to handle it all. Once knocked offline, businesses immediately feel the effects of lost profit through business interruption. Depending on the window of downtime and size of the business, this attack can quickly cause hundreds of thousands to millions of dollars in losses. 

Distributed Denial of Service attack on DreamHost

DreamHost, a Los Angeles based web hosting provider, was targeted by hackers after headlines emerged about a politically charged situation with the DOJ. To voice their displeasure with the company, they ordered a DDoS attack on their website, which ultimately knocked DreamHost offline for hours, limiting their customers from accessing their own websites. Claims of this nature can cost the Insured hundreds of thousands to millions of dollars depending on the severity of the attack. (link to article)

How is a DDoS attack covered in a cyber policy?

Evolve’s cyber policy includes coverage for liability associated with a denial of service attack and business interruption that results from a system outage.

How do I protect my client before an attack?

All of Evolve’s policyholders receive free access to $5,000 – $10,000 worth of pre-breach, risk management services. These services include access to: annual phishing software, security vulnerability reports, 3rd party forensic advice, a dark web burglar alarm, and incident response training preparation.

For quotes, please contact [email protected].

Close Menu