7 years ago · by · 0 comments

Ransomware Attack Sweeping the Globe

Another global cyber attack was activated on Tuesday, leaving companies across Europe, Australia and even the United States struggling to respond.

This outbreak may be the most sophisticated of a series of attacks initiated after hacking tools were stolen from the National Security Agency and leaked online in April. Similar to the WannaCry attacks in May, the most recent hack involves taking control of computer systems and asking users for digital ransom in order to regain access.

According to a spokesperson from Microsoft, the latest software update used to patch EternalBlue—the Windows software vulnerability that caused previous attacks—should protect against this attack. However, the companies affected may have failed to properly install it. As of Wednesday morning, the following companies had been affected:

  • Ukrainian institutions that include the Infrastructure Ministry, postal service, central bank and the country’s largest telephone company
  • Russian oil company Rosneft
  • The world’s largest container-shipping company A.P. Moller-Maersk
  • U.S. pharmaceutical giant Merck
  • U.S. food company Mondelez International
  • French bank BNP Paribas
  • French construction materials company Saint-Gobain
  • British marketing company WPP
  • German railway company Deutsche Bahn

Although the perpetrators of this outbreak are still unknown, computer specialists have noticed similarities between the ransomware used in this attack and last year’s Petya attack. Like WannaCry, Petya is a quickly spreading worm that affects vulnerable systems. Unlike WannaCry, Petya has multiple ways to spread. This could explain why even victims who applied the EternalBlue patch were affected.

If the most recent attack is related to Petya, it could be far more damaging than WannaCry. Unlike WannaCry, Petya lacks a kill switch to prevent it from spreading. Also, Petya locks and encrypts entire hard drives, while WannaCry only locked individual files.

At the time of this news brief, 30 victims had paid the bitcoin ransom of $300, according to online records, but it isn’t yet clear whether they’ve regained access to their systems. Complicating matters, German email provider Posteo shut down the email account of the hackers in a move that could make it impossible for hackers to restore their victims’ computer access once ransom is paid.

Scurich Insurance will continue to monitor the situation. Contact us if you have any further questions regarding how you can avoid disruptive business interruptions from cyber attacks.


7 years ago · by · 0 comments

Current Cyber Risks & News

DHS Warns of Utilities Malware

Two cyber security firms have uncovered malicious software that they believe caused a Ukraine power outage last December: ESET, a Slovakian anti-virus software maker, and Dragos Inc., a U.S. critical-infrastructure security firm.

The two firms released details of the malware, which goes by two different names, Industroyer and Crash Override. They also issued alerts to governments and infrastructure operators to help them defend against the malware, warning that it could be easily modified to harm critical infrastructure operations around the globe.

The U.S. Department of Homeland Security (DHS) hasn’t seen any evidence to suggest that its critical infrastructure has been affected, but it will continue to investigate, as there is the possibility of more attacks using the same approach. In an alert posted on its website, the agency stated that “the tactics, techniques and procedures described as part of the Crash Override malware could be modified to target U.S. critical information networks and systems.”

In the same alert, the DHS posted a list of technical indicators that a system had been compromised by Crash Override and asked firms to contact the agency if malware was suspected.

Power firms are concerned that there could be more attacks, especially considering the malware could attack other types of infrastructure, such as transportation, water and gas providers.

The two companies do not yet know who masterminded the attack, although Ukraine blames Russia. Officials in Moscow have denied the claims.

Microsoft Warns of Cyber Attacks

Citing an elevated risk of cyber attacks, Microsoft has released several security updates during its June “Patch Tuesday” in an effort to protect against widespread hacking. A recent blog post by Adrienne Hall, General Manager of Microsoft’s Cyber Defense Operations Center, stated, “In reviewing the updates for this month, some vulnerabilities were identified that pose elevated risk of cyber attacks by government organizations, sometimes referred to as nation-state actors or other copycat organizations.”

WannaCry

In May 2017, after the WannaCry ransomware locked hundreds of thousands of machines around the world and demanded that victims pay a ransom in bitcoin, Microsoft was prompted to release updates for software that it no longer supports. This was an unexpected move that preceded more updates for old, outdated systems.

Microsoft’s motives for June’s most recent security updates are speculative, and it is unclear whether the company has been warned of another cyber attack using exploits similar to those of WannaCry. A Microsoft spokesperson stated that the decision to release the most recent updates is “an exception based on the current threat landscape and the potential impact to customers and their businesses.”

WannaCry Came from North Korea

According to British security officials, the May 2017 global ransomware attack that affected over 200,000 computer systems came from North Korea. The hackers are believed to be a hacking group known as Lazarus—the same group that targeted Sony Pictures in 2014.

In the wake of increasing tensions resulting from North Korea’s missile tests, the DHS and the FBI have issued an alert to businesses about another possible cyber attack led by North Korea, warning people to update old software.

Recent Findings

British security officials have recently linked the North Korean government to the creation of WannaCry, based on tactics, techniques and targets. The ransomware was originally built around a hacking tool belonging to the National Security Agency and spread through a flaw in Windows.

The Importance of Performing Updates

WannaCry is believed to be a flawed attempt to raise revenue for the North Korean regime, considering the hackers have not yet cashed in the $140,000 in bitcoin they stole. That is likely because the transactions are easy to track. Despite the failed attempt, one of the reasons WannaCry was so powerful was that many of the facilities attacked hadn’t updated their software to patch holes in security.

Microsoft’s most recent security update includes patches for its Windows XP, Windows Vista and Server 2003 products, which are all unsupported but still widely used. Microsoft suggests customers enable Windows Update if they haven’t already.

Target to Pay Settlement from 2013 Data Breach

Target has agreed to pay $18.5 million to settle claims made by 47 states and the District of Columbia as well as to resolve an investigation into the retailer’s massive data breach in 2013.

The investigation found that Target’s gateway server was accessed by cyber hackers through credentials stolen from a third-party vendor. As a result, data from up to 40 million credit and debit cards were stolen during the 2013 holiday season.

The total cost of the data breach was $202 million, according to Target. The state receiving the largest share of the settlement is California, which will receive more than $1.4 million.

Michigan Utility Company Loses Employees After Cyber Attack

A Lansing utility company is still recovering from a 2016 cyber attack that temporarily disabled its internal network and asked for a $25,000 ransom. According to officials, an employee unsuspectingly clicked on an infected email attachment, which shut down the company’s accounting and email systems.

Since the cyber attack, 14 employees have voluntarily left the company, 13 of whom were IT employees. The company is devoting its resources to minimize the odds of an attack and to quickly recover in the event it is hit again.


7 years ago · by · 0 comments

July Business Newsletter

Employee Drug Use Reaches 12-year High

The positive drug test rate for the U.S. workforce was 4.2 percent in 2016, according to the Drug Testing Index (DTI) released by Quest Diagnostics. This represents a 5 percent increase over the positive rate in 2015, and the largest single-year positive rate since 2004.

The DTI analyzed over 10 million workforce drug test results from 2016 and sorted employees into three categories: employees with federally mandated drug tests, the general workforce and the combined U.S. workforce. Here are additional details about the DTI’s findings for specific drug types:

  • Marijuana—The positive test rate for marijuana increased nearly 75 percent in oral fluid testing, which is used in the general workforce. Federally mandated marijuana tests only utilize urine tests, and the positive test rate increased 10 percent in 2016.
  • Cocaine—Positive test rates for cocaine in post-accident drug tests were more than twice as high as pre-employment screenings.
  • Amphetamines—Positive test rates for amphetamines rose 64 percent between 2012 and 2016 for the general workforce. Quest Diagnostics attributes this increase to the prevalence of prescription drugs, including Adderall.

In order to create a safe, productive workplace, you need to watch out for potential drug use at your business.

Political Discussions Hurt Job Performance

Many people can get worked up about politics, but a new survey from the American Psychological Association (APA) has shown that political discussions in the workplace can have a big impact on your employees’ job performance.

The APA surveyed U.S. employees about the impact of political discussions after the 2016 presidential election, and found that these discussions have a detrimental effect on job performance and relationships with co-workers. The survey found that 40 percent of employees have experienced a negative outcome following a workplace political discussion, such as reduced productivity or difficulty getting work done. Additionally, 24 percent of employees said they avoid some co-workers solely because of their politics.

According to the APA, social networks and constant news reports can cause individuals to adopt an “us versus them” political mentality, which can lead to conflict. As a result, it’s important to encourage respect, collaboration and courtesy in your workplace to ensure that your employees feel supported and remain productive.

New Executive Order Aims to Improve Cyber Security

President Donald Trump recently signed an executive order to improve the country’s cyber security and protect key infrastructure from cyber attacks. The order also emphasized the importance of strengthening the cyber security of federal agencies. According to a survey from Thales Group, a cyber security company, 34 percent of federal agencies experienced a data breach in the last year, and 95 percent of agencies consider themselves vulnerable to cyber attacks.

The executive order did not create any ongoing cyber security requirements, but instead laid out goals to assess the current state of cyber defenses and develop deterrence strategies. Here are some of the requirements of the executive order:

  • Federal agencies must draft reports on their ability to defend themselves against cyber threats.
  • The departments of Energy and Homeland Security must assess potential vulnerabilities to the country’s electrical grids. The executive order specifically mentions that prolonged power outages could pose a threat to national security or damage the economy.
  • Various federal agencies must review the cyber defense plans of U.S. allies in order to cooperate during international cyber attacks.

Apple Creates $1 Billion Fund to Support U.S. Manufacturing

Apple, the world’s largest technology company, recently announced that it will create a $1 billion fund to support U.S. manufacturing. Although the company is based in the United States, it has faced criticism for outsourcing most of its manufacturing and taking jobs from U.S. workers.

Apple’s CEO stated that one goal of the fund was to support smart manufacturing and to create a ripple effect in industries that support smart manufacturers. For more information on the manufacturing fund, visit Apple’s website.

DID YOU KNOW?

A U.S. Court of Appeals recently barred the Federal Aviation Administration (FAA) from requiring recreational drone owners to register their unmanned aircraft. The FAA had originally required recreational drones to be registered in order to help identify aircraft that posed a hazard, and to pass on safety information to operators. However, the court’s ruling will not impact the use of drones for commercial use, as these aircraft must still be registered with the FAA before they are used.


7 years ago · by · 0 comments

Cyber Risks and Liabilities

McAfee Report Projects Top Cyber Threats of 2016

The McAfee Labs 2016 Threat Predictions report identifies top threats for the coming year as well as predictions for future cyber threats through 2020. The following is a summary of the report’s findings:

Hardware

Attacks that exploit flaws in both hardware and firmware components are expected to continue; security experts recommend being mindful of this potential avenue of exploitation below the level of the operating system.

Ransomware

Ransomware attacks will likely become more common and more sophisticated. “Ransomware-as-a-service” is expected to continue growing, which will allow inexperienced cyber criminals access to the ransomware. Additionally, experts predict that ransomware will expand beyond Windows and also start targeting the increasingly popular Mac OS X.

Wearables

Wearable devices are becoming much more popular. While these devices don’t store very sensitive data themselves, they do connect to smartphones via Bluetooth, offering criminals a new potential “back door” into a user’s smartphone. The report suggests that cyber criminals might, for instance, use GPS data gathered from a user’s fitness tracker to create spear-phishing email attacks that the user is more likely to open.

Automobiles

Wired magazine stunned the automotive world in July 2015 when it ran a feature story outlining how a couple of enterprising hackers remotely commandeered a Jeep Cherokee. Experts predict a rise in the number of exploited zero-day vulnerabilities, but even identified threats pose a problem, because some companies cannot issue remote updates to certain car models.

Integrity

Integrity attacks represent a new, and potentially costly, type of cyber attack that most companies have not seen in the past. Unlike other cyber attacks in which criminals simply damage or steal data, integrity attacks involve criminals selectively and surgically altering data in communications or transactions in ways that benefit them.

Experts anticipate integrity attacks will heavily affect the financial sector in 2016 as criminals find methods of intercepting and redirecting their targets’ legitimate transactions to their own bank accounts.

The report also mentioned that employees’ home systems, Cloud services and cyber espionage are likely cyber threats in the coming year. Regardless of the source, it’s clear that guarding yourself from cyber attacks involves identifying your exposures and developing strategies to protect yourself from each developing risk. Contact your advisor at Scurich Insurance today to ensure your cyber risks are appropriately covered.

Target Agrees to Pay a Nearly $40 Million Settlement

Target has just agreed to settle another huge class-action lawsuit stemming from the retailer’s 2013 data breach. Read on to learn who is getting paid and just how costly that data breach has been for the company.

Target has agreed to pay $39.4 million to settle a class-action lawsuit stemming from its 2013 data breach. The suit was filed on behalf of card issuers, banks and credit unions that had to give new cards to customers after their data was stolen from the retailer. This is just one of a number of lawsuits that have been filed since the data breach, and Target claims that it’s paid about $290 million in costs related to the breach.

Survey Finds Global Companies Worried About Cyber Threat Detection and Defense

According to EY’s Global Information Security Survey (GISS) 2015, “Creating trust in the digital world,” 88 percent of global organizations believe that their information security architecture doesn’t meet their current security needs. In fact, 36 percent aren’t confident that they even have the ability to detect sophisticated cyber attacks.

When asked about the source of cyber attacks, respondents named criminal syndicates (59 percent), employees (56 percent) and hacktivists (54 percent) as their top concerns. To meet this threat, 69 percent of respondents said that they’d like to increase their cyber security budgets by as much as 50 percent.

Cyber Information Sharing Act Passed as Part of Spending Bill

The Cyber Information Sharing Act (CISA), a significant piece of cyber security legislation, was added to the omnibus spending bill passed by Congress and signed into law by President Barack Obama last month. CISA is designed to encourage companies to cooperate with one another and with governmental agencies when disclosing and sharing information about identified cyber security threats, in part, by offering immunity to companies as a result of sharing that information.

Proponents of CISA say that sharing information will allow both the government and the private sector to respond to threats more quickly and efficiently. Critics, however, worry about the privacy of sensitive customer and patient data.

Moody’s to Consider Cyber Attacks in Credit Assessments

Moody’s Investors Service announced recently that cyber attacks are becoming a larger part of the agency’s credit assessment and analysis processes. While Moody’s made it clear that it doesn’t consider cyber risk a principal credit factor, the agency has begun assessing cyber attacks as “event risks.” An event risk is a rare but potentially severe risk, much like a storm or other natural disaster that the company includes in its stress tests as it runs its credit analyses.

The growing number and severity of cyber attacks have made such a move necessary, as companies find themselves sometimes paying hundreds of millions of dollars to counteract the damage of a single data breach. Moody’s has released a report highlighting three important areas for companies to think about when considering the credit impact of a cyber attack:

  • The type and importance of the affected asset or business
  • The duration of the service disruption
  • The scope of the business or assets affected by the cyber attack

For help assessing your cyber liabilities, contact Scurich Insurance today.


7 years ago · by · 0 comments

Is Using Social Media Right for Your Business?

Social media and networking websites are extremely popular. Creating a social media presence for your company is something that should be thought through carefully, taking into account many factors. Interacting on social media just because “everyone else is doing it” is not a good enough reason when you consider the risks social media presents. However, the benefits can include the ability to help your company connect with tech bloggers, current and future clients, and potential job candidates.

Social networking has the ability to get your message across to thousands of people very quickly, which makes it a priceless public relations and viral marketing tool. However, popular social networking sites, such as Facebook, MySpace and Twitter, can present a significant hazard to your company and its reputation, depending on how you and your employees use them.

Social networking sites can help your company connect with clients and recruit job candidates. The key to social networking is to use it in a way that not only gets your name out there, but maintains a positive image of your company.

Industry leaders are constantly recommending social networking sites as places to advertise, and as tools to interact and connect with current and future customers. However, not all publicity is good publicity. It is important to project a positive company image, which you can do through setting up your own social networking account; but it is just as imperative that you control other users’ conversations about you.

What Others Are Saying About You

Facebook, the largest social networking site today based on monthly unique visitors, has more than one billion active users. According to Facebook’s user statistics, the fastest-growing group of users is people older than 35, which means it is becoming increasingly likely that your workforce is getting involved with social networking.

While this has many potential benefits, you also want to be careful that no one, whether a competitor or a former or current employee, is tarnishing your company’s name or reputation. The same holds true for blogs, where damaging content may appear without your consent.

The key to keeping your risk low is identity management. The best way to prevent Internet buzz from becoming a hazard is to monitor the use of your company name. Set up an alert or periodically type it into a search engine to make sure that your official website is the top hit and that nothing offensive comes up in the first 20 hits, which is statistically as far as most people will dig in a search.

If you do find references to your company name in the first 20 hits that could be hazardous to your business or your reputation, you have a few options. If social networking sites are the culprit, consider enacting a policy prohibiting employees from mentioning the company name on their personal sites. Explain the negative outcomes this could have for business and help employees understand how acting as a poor representative of the company through scandalous photos or negative comments on a social networking site could affect them directly.

How to Handle the Negative

If negative or derogatory comments about your company have seeped into other sites outside the control of your employees, however, the risk to your business is even greater. What’s more, this type of hazardous publicity is more difficult to manage. One approach is to try to increase the amount of positive information about your company on the Internet so that the negative write-ups are no longer within the top search results. Contacting sites and asking them to remove fictitious and defamatory material is another option.

If you have a serious public relations issue and your company’s reputation or legitimacy is on the line because of material on the Internet or social networking sites, it could cost you thousands of dollars in lost business. Consider hiring an identity management or public relations company, which will help organize, analyze and control the information about your organization that appears on the Internet.

Using Social Networks to Learn More About Candidates

The practice of using social networking sites to further research potential employees and weed out candidates based on content in these sites is risky. Not only does it cause you to dabble in issues of legality, but it also could place you in thorny situations when it comes to personal differences you become aware of via social networking tools.

A study conducted by Harris Interactive for CareerBuilder.com revealed that 45 percent of employers are already using social networking sites to screen job candidates. This is nearly double the number of employers who did this one year ago. Before you engage in this practice, know what types of hazards you face.

The most obvious problem with this practice is how difficult it is to draw lines between appropriate and inappropriate behavior. According to the Harris Interactive study, more than half the employers interviewed said provocative photos on a social networking site were the largest contributing factor when a potential employee was not hired.

But who gets to define what constitutes provocative, and does the candidate have the right to find out this is the reason he or she was not hired? Social networking is such a new trend, especially among the older workforce, that there are currently no ethical benchmarks in place.

By using social networking sites as a filtering tool, you are exposing yourself to potential lawsuits. Many users post personal information such as their religion and age. Even if you decide not to hire them for legal reasons, such as improper educational qualifications, the candidate could accuse you of basing the decision not to hire on information obtained from their social networking site.

There is no right or wrong answer regarding whether Internet research on candidates is a good idea, so it is up to your company to weigh the options. Whatever you choose, remember to examine the underlying risks and consider all feasible scenarios and outcomes to make the most informed decision possible.

Please contact Scurich Insurance for more information about this increasingly popular trend.


7 years ago · by · 0 comments

A Growing Need for Cyber Liability Insurance

In today’s high-tech world, individuals can carry thousands of client files on flash drives in their pockets or purses. People are conducting business on the go and sensitive information is accessible at the click of a button. Managers are using their laptops or tablets through “hot spots” at local coffee shops to access customer databases. Healthcare professionals shopping at supermarkets can get patient files on their smartphones.

If you think of information security breaches primarily in terms of malicious hackers cracking the networks of big corporations from thousands of miles away, think again.

The hacking of such corporate giants as Global Payments, Epsilon, and Sony proves that size and sophistication can’t stop data thieves. However, any company that stores customer information in electronic format is vulnerable to cyber privacy liability exposures that can cost megabucks – or even put a firm out of business – which means they need insurance against these risks.

Cyber Liability coverage can protect your business against breaches of privacy from unauthorized access, physical taking, or the mysterious disappearance of confidential information that leads to third-party losses resulting from identity theft.

Depending on your needs, the policy can also provide a variety of coverages, such as:

  • Business Interruption
  • Cyber Extortion
  • Systems and Data Recovery

Other options can cover the cost of contacting those affected by the data breach, computer forensics to analyze the breach, fines and penalties, potential HIPAA (client medical records) exposures, and online activities on your company site.

The development and expansion of Cyber Liability coverage during the past two decades has paralleled the explosive growth of computer technology: Today’s policies are increasingly comprehensive – and inexpensive. Contact us today to discuss your Cyber Liability Insurance needs.


Company information

Scurich Insurance Services
Phone: (831) 661-5697
Fax: (831) 661-5741

Physical:
783 Rio Del Mar Blvd., Suite 7,
Aptos, CA 95003-4700

Mailing:
PO Box 1170
Watsonville, CA 95077-1170
