Contact us

(831) 722-3541

Contact us

Contact details:

Message:

Your message has been sent successfully. Close this notice.

Commercial Insurance Quote

Coverage Information

Current Coverage Information

Contact details:

Your Quote Form has been sent successfully. Close this notice.

Auto Insurance Quote

Contact details:

Current Coverage Information

Your car:

Your Quote Form has been sent successfully. Close this notice.

Homeowners Insurance Quote

Your house:

Current Coverage Information

Contact details:

Your Quote Form has been sent successfully. Close this notice.

Life Insurance Quote

Life Insurance Details

Current Coverage Information

Contact details:

Your Quote Form has been sent successfully. Close this notice.

Health Insurance Quote

Coverage Information

Current Coverage Information

Contact details:

Your Quote Form has been sent successfully. Close this notice.
2 months ago · by · 0 comments

Current Cyber Risks & News

DHS Warns of Utilities Malware

Two cyber security firms have uncovered malicious software that they believe caused a Ukraine power outage last December. The software was recently uncovered by two cyber security firms—ESET, a Slovakian anti-virus software maker, and Dragos Inc., a U.S. critical-infrastructure security firm.

The two firms released details of the malware, which goes by two different names, Industroyer and Crash Override. They also issued alerts to governments and infrastructure operators to help them defend against the malware, warning that it could be easily modified to harm critical infrastructure operations around the globe.

The U.S. Department of Homeland Security (DHS) hasn’t seen any evidence to suggest that its critical infrastructure has been affected, but it will continue to investigate, as there is the possibility of more attacks using the same approach. In an alert posted on its website, the agency stated that “the tactics, techniques and procedures described as part of the Crash Override malware could be modified to target U.S. critical information networks and systems.”

In the same alert, the DHS posted a list of technical indicators that a system had been compromised by Crash Override and asked firms to contact the agency if malware was suspected.

Power firms are concerned that there could be more attacks, especially considering the malware could attack other types of infrastructure, such as transportation, water and gas providers.

The two companies do not yet know who masterminded the attack, although Ukraine blames Russia. Officials in Moscow have denied the claims.

Microsoft Warns of Cyber Attacks

Citing an elevated risk of cyber attacks, Microsoft has released several security updates during its June “Patch Tuesday” in an effort to protect against widespread hacking. A recent blog post by Adrienne Hall, General Manager of Microsoft’s Cyber Defense Operations Center, stated, “In reviewing the updates for this month, some vulnerabilities were identified that pose elevated risk of cyber attacks by government organizations, sometimes referred to as nation-state actors or other copycat organizations.”

WannaCry

In May 2017—after the WannaCry ransomware locked hundreds of thousands of machines around the world and demanded that victims paid a ransom in bitcoin—Microsoft was prompted to release updates for software that it no longer supports. This was an unexpected move that preceded more updates for old, outdated systems.

Microsoft’s motives for June’s most recent security updates are speculative, and it is unclear whether the company has been warned of another cyber attack using exploits similar to those of WannaCry. A Microsoft spokesperson stated that the decision to release the most recent updates is “an exception based on the current threat landscape and the potential impact to customers and their businesses.”

WannaCry Came from North Korea

According to British security officials, the May 2017 global ransomware attack that affected over 200,000 computer systems came from North Korea. The hackers are believed to be a hacking group known as Lazarus—the same group that targeted Sony Pictures in 2014.

In the wake of increasing tensions resulting from North Korea’s missile tests, the DHS and the FBI have issued an alert to businesses about another possible cyber attack led by North Korea, warning people to update old software

Recent Findings

British security officials have recently linked the North Korean government to the creation of WannaCry, based on tactics, techniques and targets. The ransomware was originally built around a hacking tool belonging to the National Security Agency and spread through a flaw in Windows.

The Importance of Performing Updates

WannaCry is believed to be a flawed attempt to raise revenue for the North Korean regime, considering the hackers have not yet cashed in the $140,000 in bitcoin they stole. That is likely because the transactions are easy to track. Despite the failed attempt, one of the reasons why WannaCry was so powerful was because many of the facilities attacked hadn’t updated their software to patch holes in security.

The most recent security update includes patches to its Windows XP, Windows Vista and Server 2003 products, which are all unsupported but still widely used. Microsoft suggests customers enable Windows Update if they haven’t already.

Target to Pay Settlement from 2013 Data Breach

Target has agreed to pay $18.5 million to settle claims made by 47 states and the District of Columbia as well as to resolve an investigation into the retailer’s massive data breach in 2013.

The investigation found that Target’s gateway server was accessed by cyber hackers through credentials stolen from a third-party vendor. As a result, data from up to 40 million credit and debit cards were stolen during the 2013 holiday season.

The total cost of the data breach was $202 million, according to Target. The state receiving the largest share of the settlement is California, which will receive more than $1.4 million.

Michigan Utility Company Loses Employees After Cyber Attack

A Lansing utility company is still recovering from a 2016 cyber attack that temporarily disabled its internal network and asked for a $25,000 ransom. According to officials, an employee unsuspectingly clicked on an infected email attachment, which shut down the company’s accounting and email systems.

Since the cyber attack, 14 employees have voluntarily left the company—13 of which were IT employees. The company is devoting its resources to minimize the odds of an attack and to quickly recover in the event it is hit again.

Read more

8 months ago · by · 0 comments

A Growing Need for Cyber Liability Insurance

In today’s high-tech world, individuals can carry thousands of client files on flash drives in their pockets or purses. People are conducting business on the go and sensitive information is accessible at the click of a button. Managers are using their laptops or tablets through “hot spots” at local coffee shops to access customer databases. Healthcare professionals shopping at supermarkets can get patient files on their smartphones.

If you think of information security breaches primarily in terms of malicious hackers cracking the networks of big corporations from thousands of miles away, think again.

The hacking of such corporate giants as Global Payments, Epsilon, and Sony prove that size and sophistication can’t stop data thieves. However any company that stores customer information in electronic format is vulnerable to cyber privacy liability exposures than can cost megabucks – or even put a firm out of business – which means they need insurance against these risks.

Cyber Liability coverage can protect your business against breaches of privacy from unauthorized access, physical taking, or the mysterious disappearance of confidential information that leads to third-party losses resulting from identity theft.

Depending on your needs, the policy can also provide a variety of coverages, such as:

  • Business Interruption
  • Cyber Extortion
  • Systems and Data Recovery

Other options can cover the cost of contacting those affected by the data breach, computer forensics to analyze the breach, fines and penalties, potential HIPAA (client medical records) exposures, and online activities on your company site.

The development and expansion of Cyber Liability coverage during the past two decades has paralleled the explosive growth of computer technology: Today’s policies are increasingly comprehensive – and inexpensive. Contact us today to discuss your Cyber Liability Insurance needs.

Read more

10 months ago · by · 0 comments

Online Identity Theft Prevention

credit-card-1730085__340-smallGoing online has become part of everyday life, whether it is for everyday activities such as shopping, sending email or paying bills, and managing your accounts. But data breaches, in all their forms, can potentially expose the personal information that we share online, putting consumers at risk of identity theft.

According to the 2015 Travelers Consumer Risk Index, 59% of Americans worry about online identity theft. Fortunately, there are steps that consumers can take, including not opening unsolicited emails and avoiding unsecure websites, to protect their personal information while online.

The following tips can help you learn how to help stay safe online:

Online Shopping

  • Research potential retailers to make sure they are reputable and have a secure network and website. Try to avoid buying from a site that does not have a secure socket layer (SSL) encryption installed. In order to do this, look for the ‘s’ at the beginning of a URL – HTTPS:// instead of HTTP:// – to help determine if a site is SSL secured.
  • Read the site’s privacy policy to learn how the personal information you provide will be used.
  • Use only one credit card for online purchases. Be sure to read statements when received to check for fraudulent or unknown charges or activity.
  • If you receive an email regarding sales or discounts from a particular retailer, log on directly to the official website for the business. Avoid linking to it from an unsolicited email.

Emails and Attachments

  • Do not send personal information in email or instant messages. Emails are out of your control once sent, and can be easily intercepted.
  • Do not click on links you receive by email or encounter online that are suspicious or from unknown sources. Only accept and click if it:
    • Comes from someone you know.
    • Comes from someone you have received mail from before.
    • Is something you were expecting.
    • Does not look odd with unusual spellings or characters.
    • Passes your anti-virus program test.
  • Be cautious of emails you receive regarding your financial accounts. If you are not sure of the email’s validity, contact your financial institution directly.

General Online Safety

  • Try to limit the personal information you put on the Internet. Social media sites can be good for networking, but identity thieves can use the information you share.
  • Remember to keep your Web browser up to date. This can help ensure the latest security features are installed.
  • Avoid storing personal information, account numbers and personal identification numbers on your computer.
  • Install firewall and anti-virus software. This can help protect you from exposure to malicious cyber attacks.
  • Choose strong passwords and keep them private.

Read more

Company information

Scurich Insurance Services
Phone: (831) 661-5697
Fax: (831) 661-5741

Physical:
783 Rio Del Mar Blvd., Suite7,
Aptos, Ca 95003-4700

Mailing:
PO Box 1170
Watsonville, CA 95077-1170

Contact details

E-mail address:
Info@ScurichInsurance.com

(831) 661-5697

Available 8:30am - 5:00pm