Cyber Crime – What is it and are you at risk?
31 March 2017 Capital Insurance Brokers
We’ve all heard news stories about stolen customer information, hacked credit card details, or businesses being locked out of their own IT systems and held to ransom to get it back. Cyber crime can include fraud, extortion, identity theft, phishing scams and cyber terrorism. Criminals use malware and viruses, computer hacking, denial of service attacks and fraudulent online scams to execute their crimes. The reality today is that anyone connected to the internet is exposed to Cyber crime.
Globally there are 556 million cyber crime victims per year, 1.5 million per day and 18 victims per second! The average amount of time a hacker is inside someone’s IT system before they are even discovered is 280 days. Just imagine what information have they been gathering about you during that time?
A large part of online crime is now centred on identity theft which is part of identity fraud and specifically refers to the theft and use of personal identifying information of an actual person, as opposed to the use of a fictitious identity. Details are stolen and on-sold from one criminal to another to carry out their various crimes.
In today’s world of being able to store data in the ‘cloud’ and access it from tablets, phones, practically anywhere, we need to remember this convenience also brings risks. We all need to be aware.
From a Business perspective, it has recently been reported that a significant number of Cyber breaches are as a result of employee negligence or internal malicious acts. Cyber risks cannot be just considered as an IT issue, as it is a people issue too. Awareness and education are vital.
As a business owner or manager Cyber crime is an even more important issue for you to be aware of. Anyone who owns or operates a business which handles data or private information, whether it be profiles of employees, credit card information, sensitive demographic information about customers, information on budgets, customer lists, share prospectus etc, should consider Cyber insurance. (Yes, that is a thing now!)
With millions of consumers transacting online with businesses each year, it is an organisation’s obligation to put mechanisms in place to prevent the loss of its customers personally identifying information (including names, addresses, login details, credit card details, unique identifiers such as a Medicare number; and also transactional data which could be combined to paint a picture about the user.)
A common misconception amongst businesses who don’t see themselves as an online organisation, is that they are immune to cyber attacks or it is not an important issue for their business. This is a dangerous view as we are all online in some capacity these days. Most businesses are likely to have files & records stored on computers which are connected to the internet, are therefore at risk of attack, and responsible for the protection of that information. Another misconception is that only large or high profile companies are at risk of a cyber attack; however evidence continues to show that small and medium size businesses are increasingly being targeted by cyber criminals as the ‘path of least resistance’. Small businesses are often targeted for their customer data, intellectual property and bank account information. SME’s are also often used as “watering holes” or loopholes to break down the security of, or get access to other businesses.
Cyber insurance can help a business return to their normal operating status after a cyber attack or data breach. A comprehensive cyber insurance policy is designed to assist with:
- Your own costs (crisis management, forensic analysis, repairing and restoring computer systems),
- Third party costs / Liability;
which can result from a cyber incident.
Many in the insurance industry expect that it is only a matter of time before Cyber cover in some form, starts to appear as part of our personal insurance policies in Australia. If your fancy new fridge is connected to the internet, it could be hacked (even if only as a teenage prank). What about a remotely programmable oven accessed via your phone? And then there’s smart cars!? - Watch this space!
Some tips for preventing cyber attacks
Passwords, emails, social networking and out-of date software all provide opportunities for cyber criminals. To help prevent attacks, some of the common suggestions are:
- Protect your computer with both a firewall and an anti-virus program. Keep your anti-virus program up-to-date and remember to renew your subscription.
- Create a password of more than six characters with a combination of letters and numbers. Do not save the password on your computer or share it with others, and change it regularly.
- Email is the most likely route for viruses and hackers. Do not open any email attachments that look suspicious. Think before you click!
- Use the privacy settings on social networking sites to help prevent malicious access to your personal information.
Remember to back-up important data. Viruses and malware can destroy information, that without a back-up will likely be lost forever.
How do I find out more?
The Australian Government has an online safety and security website www.staysmartonline.gov.au designed to help home and small business users understand online risks. It offers simple steps you can take to protect your privacy online, you can read about recent online threats, check alerts and learn more. The following sites can also be useful:
http://www.scamwatch.gov.au - ACCC advice on scams
If you would like to discuss Cyber insurance (or any other insurance needs) please contact our office on (02) 6282 7666 and the Capital Insurance Brokers team would be happy to assist.