Cyber Attacks

It’s no secret that the criminally charged cyber industry is booming. What is more alarming than the success of the industry is the limited barriers to entry that make it feasible for cybercriminals to find the tools and victims to target using phishing and other bullish strategies. According to cybercriminal, Peter Levashov, herding victims to send spam emails is quite lucrative, as he was known to quote customers $500 for 1 million emails, $750 for 2 million emails, or $1,000 for 3 million emails, according to court documents.

Although Levashov recently pleaded guilty for running and advertising spam and malware distribution services that attempted to infect PCs, this case opens up the issue surrounding the continued growth of cybercriminals who create innovative ways to target victims…with ease. Coined as “cybercrime-as-a-service”, this criminally charged economy is providing would-be criminals with easy access to an array of tools, victims, and strategies to make money off of innocent people.

Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more about cybercrime-as-a-service, click here.

As if Tesla didn’t have enough to worry about surrounding their CEO or the amount of executive level employees that jumped ship this year, now cyber security experts indicate that Tesla’s key fobs can be hacked in just seconds, allowing hackers to easily break into the cars and drive away without a trace. Tough break for the highly anticipated Tesla Model 3 that is hitting the streets at rapid pace.

The team of researchers at the COSIC group displayed the ease of cloning the key fob by sending an encrypted code to a car’s radios to trigger it to unlock the doors, enabling the car to start. According to the report, the researchers made a 6-terabyte table of all possible keys for any combination of code pairs, and then used a Yard Stick One radio, a Proxmark radio, and a Raspberry Pi mini-computer, which cost about $600 total—not bad for a Tesla Model 3 though—to capture the required two codes. With these tools, the researchers were able to calculate the exact crypto codes to unlock any key fab and start any Tesla 3 in 1.6 seconds!

Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more about the electric car manufacturer vulnerability, click here.

The U.S. Government has recently concluded the federal court case against North Korean computer programmer, Park Jin Hyok, who is responsible for numerous high profile cyber attacks and heists. Hyok, who is believed to be living in North Korea and is apart of North Korean-sponsored hacking organization, is responsible for the damaging Sony hack that occurred in November of 2014, the Bangladesh bank heist in February of 2016, and the Wannacry ransomware attack in May of 2017.

In addition to leak of entertainment films like Annie and Fury, which cost Sony roughly tens of millions of dollar, the Sony hack of 2014, which Park Jin Hyok is responsible for, exposed sensitive personal information about employees, including Social Security numbers, financial records, salary information, as well as embarrassing emails among top executives. U.S. officials believe the hack on Sony was in retribution for the release of the Seth Rogan and James Franco film, “The Interview”, which although a comedy, the plot of the film was to assassinate Kim Jong Un.

Park Jin Hyok was later connected to the cyber heist on the Bangladesh Bank, which resulted in a robbery of millions of dollars from banks around the globe. Although there is no direct trace, Park and his associates potentially walked away with roughly $60 million dollars (roughly $40 million was recovered from the $101 million that was successfully stolen). The Federal Reserve Bank of New York was able to block 35 transactions that would have accounted for more than $800 million dollars.

Lastly, security researchers were able to connect Park Jin Hyok to the global WannaCry Ransomware attack that occurred in 2017 after they were able to trace the same code as  the malware that was previously distributed by the hacker group known as the Lazarus Group, which is believed to be responsible for the Sony hack. All in all, the WannaCry cyber attack used malware to scramble data on hundreds of thousands of computers at hospitals, factories, government agencies, banks and other businesses across the globe.

Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a free quote!

If you’d like to read more about this high profile cybercriminal and the cyber attacks he is associated to, click here.

According to Wall Street Journal, majority of the top 25 cities in the country have a cyber security insurance policy in place, or at the very least, shopping for cyber coverage. After the ludicrously expensive ransomware attack on the City of Atlanta, which initially cost the city departments over $2 million plus hours of labor trying to recover damaged and lost data, recent reports indicate that this attack actually cost the city over $9 million to fully recover. With that being said, cities have no choice but to take cyber insurance into serious consideration.

The city of Houston has 3 $10 million cyber liability insurance policies in place to protect any low hanging fruit (departments with old systems and lacking cyber security protocols, as well as the city as a whole) from being the victim of a cyber attack. This came into place after Houston’s Chief Security Officer approached local law makers to persuade them cyber insurance was a worthy investment as their policies will protect the city from hackers’ extortion demands, legal liabilities, computer-forensics expertise and costs for problems like having government services knocked off line.

Due to the rise in cyber attacks on state and local governments, city officials have no choice but to consider implementing a cyber insurance policy to avoid inevitable truths pertaining to the likelihood of an attack on one or all of their departments. As the Wall Street Journal mentions, major city officials are stepping up and arguing the serious need for cyber insurance, among those cities are: Boston, San Jose, Nashville, Washington D.C., etc.

Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more from the Wall Street Journal, click here.

If Your Clients Accept Credit Cards, They Could Face Massive Fines And Penalties If The Business Experiences a Data Breach?

The scary thing is that many standard cyber policies heavily sub-limit expenses associated with credit card breaches. Payment processors typically push all the liability back onto merchants. Contact us today to get a quality cyber policy for your clients.

What happens in a credit card breach?

The US servers of the telecommunication giant, T-Mobile, has confirmed that they have been struck by a devastating data breach which has infected 2 million of their users. According to reports, the cybercriminals have exposed customers’ name, billing zip code, phone number, email address, account number, and account type (prepaid or postpaid).

Despite the damage being done, T-Mobile has confirmed that credit card numbers, social security numbers, or passwords, were not compromised in the security breach. 2 million is a large amount of data to be stolen by hackers, but to provide some reference, T-Mobile has roughly 80 million users, so although this data breach needs to be taken seriously for obvious reasons, the amount of customers affected is roughly only 3% of their entire customer base.

According to a spokesperson at the company, hackers were able to access T-Mobile servers through an API that “didn’t contain any financial data or other very sensitive data,” adding “[they] found it quickly and shut it down very fast.”

Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more about T-Mobile’s data breach, click here.

So far in 2018, there has been roughly 6.1 million individuals who have fallen victim to cyber attacks in the healthcare industry. Of these attacks, 229 of them have found themselves on the HIPAA ‘Wall of Shame’. To add some perspective, a data breach that affects > 500 individuals will land organizations on the Department of Health and Human Services’ Wall of Shame.

In recent weeks, 30 data breaches occurred, resulting in 2.2 million individuals being exposed, which has been the result of malicious phishing attacks against Health System/UnityPoint Health. Evolve MGA provides cyber insurance policies to protect businesses from the effects of business email compromises (the leading attacks on the healthcare industry).

We also educate and provide the security resources needed to protect the end users who are facing cybercriminals on the front lines (emails). Cyber attacks are becoming more disruptive and hackers are finding innovative ways to attack businesses, especially in vulnerable industries as some employees and systems are seen as low hanging fruit.

Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more about the data breaches surrounding the healthcare industry, click here.

Air Canada experienced suspicious activity surrounding the login process on their mobile app this week. In result, the airlines company sent out a message to their 1.7 million app users insisting that they change their passwords. Based on the reports, Air Canada confirmed that at least 20,000 individuals have been exposed by cybercriminals, which has placed individual’s passport details in jeopardy of being stolen.

At the very least, in order for users to use the Air Canada mobile application, they’re required to input their names and email addresses, but many of the customers would also input their passport detail, which includes birthdate, nationality, passport expiration date, country of issuance, and country residency, which in turn allows for more intrusive information to be sold on the dark web.

In addition to angry customers, data breaches like this that include sensitive information tends to be worth more to hackers and the dark web, which has placed the Canadian airline company in hot water. It’s worth noting that had Air Canada had a cyber insurance policy in place, it’s likely that they would be protected from business interruption, potential financial loss, as well as additional expenses associated with this cyber attack.

Evolve MGA offers cyber insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more about this data breach, click here.