Login

Help

BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

Ransomware attacks soar in 2019: Beazley

Reprints
Cyber Risks Emerging Risks Technology P/C Insurers More + Less -
ransomware

Reported ransomware attack notifications against Beazley PLC clients increased 131% in 2019, with the sums demanded by cyber criminals increasing exponentially, the insurer said, in a report issued Monday.

The two most common forms of attack used to deploy ransomware are phishing emails and poorly secured remote desktop protocol, according to the Beazley Breach Briefing, which is based on reports to Beazley Breach Response Services.

Discussing phishing, the report says while there are many protections available in the forms of email filters and layers of authentication, “few of these solutions are broadly implemented.”

The report says tactics to mitigate phishing include multifactor authentication, forcing regularly scheduled password resets and preventing recycled passwords; and training employees to recognize and report suspicious email traffic.

The report said while remote desktop protocol enables employees to gain immediate access to their work computers, problems arise because it is easily identified while scanning; companies have very poor password policies, “giving a brute force attack a high probability of success”; and more than 20 vulnerabilities have been identified within RDP, many of which allow unauthenticated access to the target computer; and companies tend to have very poor patching policies.

Tactics to mitigate this risk include requiring access via virtual private network; whitelisting IP addresses that can connect via RDP; and requiring unique credentials for remote access, especially for vendors.

The report discusses also how third-party vendors were aggressively targeted by cyber criminals using ransomware in 2019, accounting for 17% of all ransomware incidents. 

The report said products and services with a large market share will likely remain ransomware targets, as well as communication devices, smart TVs, and cloud-based security and monitoring tools, “as they have a very larger attacks surface.”

 

 

 

 

 

 

 

 

Read Next

  • Ransomware attacks surge

    Data from Russia-based cyber security firm Kaspersky Lab ZAO showed that ransomware attacks across the world increased 60% between 2018 and this year, Sunday Guardian Live reported. These attacks have targeted around 174 municipal institutions along with 3,000 of its subset organizations.

Related Stories

Most Read in Risk Management

Sign up for Daily Briefing, the free email newsletter from Business Insurance.

About

Advertise

Reprints and Licensing

Resources

. Privacy PolicyTerms of Use

COPYRIGHT © 2024 BUSINESS INSURANCE HOLDINGS

Member, Beacon International Group, Ltd.