Cyber Attacks

The FBI have issued warnings surrounding two North Korean backed, malicious malware, that are targeting media organizations, aerospace, financial and critical infrastructure sectors around the globe. Known as Hidden Cobra, the malware has links to popular cyber attacks that have occurred in past years. Some of those attacks are WannaCry, which shut down hospitals and businesses around the world, Sony Pictures hack, which occurred in 2014, as well as the Swift banking attack in 2016. 


Hidden Cobra is using a Remote Access Trojan (RAT) in order to attack their victims. The RAT is a two-stage malware that establishes peer-to-peer communications and manages botnets designed to enable other malicious operations, according to the US-Cert.  
 Using remote command by the Hidden Cobra “team”, the malware infects systems by utilizing another deliverable malware file, which tricks users into visiting compromised websites or downloading malicious attachments.

Avoiding these attacks can be done by providing staff with security tools & training. To learn more about best security standards and tools, head over to our Risk Management page! Evolve MGA offers cyber liability insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. 

If you’re interested in reading more about the Hidden Cobra malware, click here.

Mexico’s central bank initially reported real-time processing issues a couple of weeks ago when they noticed cyber threat activity surrounding their encrypted network that allows for real-time payments to be transferred between private accounts. Reports indicate that operational incidents reflect the workings of hackers attempting to intercept these real-time payments. Although they were initially able to protect their customers and banks by transitioning to their contingency protocol, recent reports indicate that the hackers were able to steal over $15 million from dozens of different bank branches.

According to the central bank, the cyber criminals stole $15 million by creating fake money orders and phony accounts in order to withdraw the funds. The hackers sent hundreds of money orders in order to steal hundreds of thousands of pesos, then quickly had their boots on the ground to withdraw the money before the banks were able to stop the attack. The bank is working to mitigate this cyber threat, but assures that customers were not affected in this cyber attack.

It’s important to note the consistency of cyber risks and threats surrounding network exposures, regardless of industry. All businesses are utilizing internet connections, accessing data, transacting payments, and distributing customer information, but not every business is protected against modern day exposures. 

Evolve MGA offers cyber security insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen, as well as cyber risk resources to protect employees from falling victim to a hacker’s attempt to accessing your system. Our cyber insurance specialists are here to equip your business or clients with a free cyber quote and cyber insurance policy to provide the best possible cyber coverage.

If you’d like to read more about Mexico’s central bank cyber attack, click here.

Utilized at many, if not all modern restaurants, point of sale (POS) systems are becoming increasingly more at risk of being hacked by cyber criminals due to the volume of customers they can expose, as well as the lucrative information that is attached to their payment cards. Often times, this information is collected and then sold on the Dark Web.

According to Chili’s parent company, Brinker International, the data breach, which was discovered on May 11th, could have affected the company and its customers over the course of March and April, which puts many customers at risk of being exposed.

Although Brinker believes that they caught the cyber attack early, they have not provided an approximate amount of customers who are at risk, but are providing 12 months of credit monitoring to all who were affected. If Brinker had a cyber insurance policy in place, not only would they be covered from this breach, but the cost for providing credit monitoring to all affected customers would be waived.

Evolve MGA offers cyber liability insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. If you’re interested in equipping your business with cyber coverage, head over to our website for a free cyber quote!

Speech recognition software company, Nuance Communications was hit with a data breach that has exposed over 45,000 individual records. Since the cyber attack, Nuance has contacted all of the affected patients, shut down their site in order to investigate the security breach, and transitioned patients over to their eScription transcription platform in order to convert dictation by clinicians into documents.

To add to this devastating discovery, Nuance Communications was also severely affected in 2017 when they were hit by NotPetya Malware, which cost the company $92 million!

Nuance Communications did not have a Cyber Insurance Policy in place and as a result, they estimated to have lost approximately $68 million in revenues in 2017, primarily from their healthcare segment, due to business interruption and credit monitoring payments for affected customers. Additionally, they also experienced a loss of $24 million in 2017 as a result of remediation and restoration efforts, according to Nuance.

Evolve MGA offers cyber liability insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. If you’re interested in equipping your business with cyber coverage, head over to our website for a free cyber quote!

If you’d like to read more about this data breach, click here.

Two-factor authentication was a method created to confirm the identity of an individual utilizing multiple factors that the user has and knows in order to access an account securely. Although this security protocol has been deemed to be a significant step in securing accounts, hacking professional, Kevin Mitnick, has proven that hackers can spoof the security and send a user to a fake login page and steal the credentials and session cookie.

Utilizing a false domain to lure users in, the hacker can capture the login credentials and authentication code, which they would pass onto the actual site and login indefinitely. Intended to be an extra layer of security to rely on in order to protect your organization, Mitnick has shown that two-factor authentication cannot be a standalone solution to security. With a cyber insurance policy in place, policyholders are protected in the event their cloud data is hacked.

As Stu Sjouwerman of KnowBe4 notes, “anti-phishing education is deeply important and that a hack like this is impossible to complete if the victim is savvy about security and the dangers of clicking links that come into your email box.”

Head over to our Risk Management page to learn more about the best security tools on the market.

If you’d like to read more about two-factor authentication, click here.