Cyber security threats you need to be aware of in 2020

NMU-Cyber-&-Financial-Lines-Underwriting-Manager-Matthew-Drinkwater

The start of a new decade is always time for reflection of failures and successes, of things we might have done differently and of events that we never even imagined occurring in the first place. Nowhere is this demonstrated more alarmingly in the insurance world than cyber.

There’s never been a class of business that changes so rapidly, with technology becoming increasingly inter-connected and new risks constantly emerging – insurance policies must invariably adapt to protect businesses, large and small.
Over the past decade, a new lexicon entered our consciousness, from Stuxnet to Shamoon and Adhaar – these major malware and data breach attacks caused considerable disruption and opened our eyes to the realities of the 21st Century cybercrime. With this in mind, we’re taking a look at some of the most prevalent cyber attacks that occurred in 2019 and outlining key cyber security trends to look out for in 2020.

Facebook

Back in April 2019, Facebook suffered the first of several major data breaches – with 540 million records including usernames, account IDs etc. uploaded to the AWS server. Merely 5 months later, 400 million phone numbers of Facebook users were publicly leaked onto an unsecured database. It was in November, however, that Facebook suffered the most crippling attack, as it was revealed that 100 third-party app developers had unauthorised access to Facebook user information including member names and profile pictures.

Disney

With the launch of its new service ‘Disney+’ in November of 2019, Disney’s streaming platform became a major target for hackers. Fraudsters were able to infiltrate and hijack thousands of users’ accounts, attempting to sell login details on the black market and essentially locking paying customers out of their devices and accounts.

Capital One

In July 2019, a single hacker exploited a vulnerability in a web application firewall and subsequently breached Capital One’s security systems. The individual attained unauthorised access to 100 million credit card customers’ personal and bank account details, payment history and more.

Fortnite

As one of the most popular video games in the world, Fortnite unsurprisingly has attracted a host of hackers and cyber criminals. In January of 2019, Epic Games discovered a bug on the login page of the app, which allowed hackers to log in to millions of player accounts and purchase in-game currency using registered credit cards.

All businesses are at risk

In the last year alone, brands including Instagram, Toyota, Hostinger and many more were affected either by data breach, ransomware, malware or theft by deceptive means. However, it’s not just large companies who face the risk of a data breach – many cyber-attackers do not differentiate based on a company’s size, location or industry as to when and where they will next strike. That is why all modern businesses must be aware of the key cyber threats they face in 2020 and beyond.

Key cyber threats to be aware of:

1) Advanced Phishing Scams

With the wealth of data available to online fraudsters, phishing emails continue to become more authentic-looking and increasingly difficult to detect. In 2020, increased personalisation and tactics such as HTTPS encryption are predicted to become the norm – making it harder for companies’ employees to differentiate between genuine and malicious communications.

2) Exposed Cloud Databases

With the vast majority of businesses now utilising cloud computing for data storage, this presents an opportunity for data exposure which can have severe consequences – potentially leading to a data breach.

3) Deepfakes

As we outlined in our previous blog, the use of deepfakes in malicious activity has grown exponentially with recent advancements in technology and the relative ease with which individuals can now download software to create them. A new form of spyware known as “stalkerware” tracks smartphone data from victims to gather an understanding of their activities – this can then be used to create fake videos, voice recordings or text communications.

4) AI and Machine Learning

Whilst Artificial Intelligence (AI) and Machine Learning (ML) are increasingly being used to provide cybersecurity protection, attackers are now studying how networks utilise ML so they can figure out how to breach them. Both AI and ML are being used together to boost the effectiveness of deepfakes; by gathering and processing large amounts of data, fraudsters are able to better understand their victims and whether a deepfake attack will succeed.

5) Supply chain attacks

In these attacks, fraudsters inject malicious code onto a website (typically ecommerce); this then allows them to steal data, including customers’ personal details and credit card information. Only last year British Airways fell victim to a large-scale supply chain attack and were subsequently fined a record breaking £183 million. Experts predict we will continue to see such sophisticated cyberattacks continue.

6) Human Error and Social Engineering

Every business has people working for it and people make mistakes. Research proves that about 90% of all cyber claims last year stemmed from some type of human error or behaviour”. – Matt Drinkwater, Cyber & Financial Lines Underwriting Manager.

Despite the growing number of cyber threats, human error is seven times more likely to cause data protection breaches than hackers are. Some common examples of human error include:

• Data sent to the wrong recipient
• Loss or theft of paperwork
• Failure to redact data
• Failure to use bcc when sending an email
• Unencrypted devices being lost or stolen
• Being socially engineered

Get CyberSafe

In 2019, we launched our first Cyber Policy “CyberSafe”, designed to cater to the unique risks UK SMEs face. Post-launch, we worked closely with our customers, listening to their needs and revising our product to ensure it provides protection that’s fit for purpose. We expect CyberSafe will continue to develop as the world of cyber evolves and new risks become apparent.

To speak to someone at NMU about Cyber insurance CLICK HERE, leave a message and youTalk-insurance will pass your enquiry on.

Authored by NMU

CLICK HERE TO SIGN UP FOR OUR
FREE BI-WEEKLY NEWSLETTER

About NMU

NMU is an award-winning provider of specialty insurance solutions

We are the first choice for brokers looking for specialty insurance, offering solutions that are not simply off-the-shelf, but built upon a real understanding of the risks faced by policyholders. This, together with our ability to write risks such as storage, installation, construction and exhibitions outside of the UK and offer terrorism cover on overseas property, sets us apart from the competition.

You can count on us, when you need us most! We are NMU

Our team of professionals based across the UK, provides customers with an in-depth product knowledge and a real personal service.

We provide bespoke insurance products that are not simply off-the-shelf solutions, but built upon a real understanding of the risks faced by policyholders as well as offering added value services to benefit our clients.

Our product and services range comprises:

Cargo InsuranceMarine cargo policies cover goods during import and export, including any incidental storage, as well as domestic distribution. Stock throughput polices can cater for all this plus other, intentional storage…read more

Freight Liability InsuranceCovering the liabilities to which hauliers, freight forwarders and warehouse keepers are exposed when they contract to move or store goods owned by others…read more

Engineering InsuranceCovering contractors’ all risks (CAR), erection all risks (EAR) and contractors’ plant; machinery movement (and installation), breakdown and business interruption; deterioration of stock; and electronic risks…read more

Marine Equipment InsuranceCovering remotely-operated and autonomous underwater equipment – ROVs, AUVs and the like…read more

Terrorism and Sabotage InsuranceStandalone terrorism cover can be a more flexible and cost-effective alternative to traditional placement routes…read more

Motorsport InsuranceDesigned for commercial risks, our motorsport policy offers 24/7 cover for teams at all levels across all disciplines…read more

Cyber InsuranceProviding SMEs with a simple, robust solution for cyber liabilities, cybercrime and restorative support…read more

Risk ControlWhilst we pride ourselves on our claims service, there is far more benefit to policyholders in preventing loss and damage in the first place…read more

Online FacilitiesTo complement our award-winning service, we use online facilities to assist NMU policyholders and brokers alike…read more

Claims ManagementWe pride ourselves on prompt and efficient claims management, which is supported by the use of independent surveyors and adjusters to quantify larger losses and to give advice on mitigation measures…read more

Latest video

NMU video: Celebrating 40 years in business

Authored by NMUA lot has changed over the last four decades – the way we work and communicate, the risks we insure, the technology we use to provide the best... click here for more