April 1, 2021

cyber

Microsoft attack could result in a flood of cyber claims

US organizations are more likely to have been using the compromised Microsoft Exchange servers, as are larger businesses, the report found. Germany, Africa, the Middle East, and Australasia were also identified as high-risk regions. Many smaller companies weren’t affected by the attacks, as they opted to use cloud-based email systems, which weren’t targeted.

The attacks, which are believed to have been carried out by Chinese state-sponsored hackers, exploited vulnerabilities in Microsoft Exchange servers to allow malicious code to be placed on them. The code can be used for ransomware, espionage, or redirecting system resources to mine for cryptocurrency on behalf

Read More

Policyholders potentially endangered after hack of cyber insurance provider

The CNA Center in Chicago. (Antoine Taveneaux, CC BY-SA 3.0 https://creativecommons.org/licenses/by-sa/3.0, via Wikimedia Commons)

Insurance firm CNA Financial, a prominent provider of cyber insurance, confirmed a cyberattack against its systems, which has some concerned that cybercriminals may target policyholders.

Cybercriminals generally know that companies represented by a cyber insurance company are more likely to pay a large ransomware demand than an uninsured business that doesn’t have the financial backing.

It is currently unclear as to what client information may have been compromised in the attack against the Chicago-based firm, with roughly $10 billion in annual revenue. But gaining illegal

Read More

Millersville University cyber attack: Some personal information compromised

We are learning more about a recent cyber attack on Millersville University that shut down the school’s computer system.On Wednesday, university President Daniel Wubah sent out a letter that said the personal information of a “handful” of individuals had been compromised.Spokesperson Janet Kacskos couldn’t give an exact number but said it’s “very few individuals.”The university said all of the people affected are being notified and are being provided with resources to deal with the breach.Millersville said it has not yet pinpointed the source of the attack and is still working to repair it.While this breach was successful, the school said … Read More

Best cyber insurance in 2021

Cyber insurance is quickly becoming a must-have amid cybercrime, ransomware, and daily threats. The problem is that wading through insurers is a bit daunting. With that in mind, I went shopping. 

For large enterprises, cyber policies are increasing the cost of doing business. Large firms such as Equifax, Marriott, and SolarWinds all had coverage to cushion the hit from high-profile data breaches. Smaller enterprises may not have the coverage.

Also: What is cyber insurance? Everything you need to know

I have a few working theories about the cyber insurance market.

  • This year — 2021 — will be the year that
Read More

Google to Offer Cyber Insurance From Allianz, Munich Re to Cloud Users

Google is teaming up with two global insurers to cover cyber breaches and related risks for businesses that use its cloud services, the first time a major provider has opened up such insurance to its clients, the companies said on Tuesday.

Major insurers have been treading carefully on cyber risks for years, but the tie-up between Google, Allianz and Munich Re gives the insurers special access to data to see what controls are in place at client firms to help them price the risk.

“This is extremely key. This is data that we as insurance carriers traditionally have not had

Read More

New York issues cyber insurance framework as ransomware, SolarWinds costs mount

On February 4, 2021, New York became the first state in the nation to issue a cybersecurity insurance risk framework to all authorized property and casualty insurers. In releasing the framework, New York’s Department of Financial Services (DFS) said that “[f]rom the rise of ransomware to the recently revealed SolarWinds-based cyber-espionage campaign, it is clear that cybersecurity is now critically important to almost every aspect of modern life—from consumer protection to national security.”

The framework applies to all property or casualty insurers that write cybersecurity insurance. However, the DFS wants all insurers, even though those that don’t offer cybersecurity insurance,

Read More