Cyber attack – a double jeopardy?

By Calum MacLean
Senior Risk Manager

With eye-watering increases in cyber and ransomware attacks, there are now dual cyber security risks to be considered.

The unfortunate case of a cyber incident at a law firm reported in the press recently highlights the dual risks for any unwary business in today’s online environment.

Not only did the firm fall victim to a ransomware attack, whereby their client data was encrypted and no longer accessible to the firm, but they were then also fined almost £100,000 by the UK Information Commissioner’s Office (ICO) for failures in their cyber security provision.

The ICO found that the firm had failings in a number of areas that had left them vulnerable to a cyber attack. These included:

  • Failing to apply security patches to software in a sufficiently timely manner.
  • A lack of Multi-Factor Authentication (MFA) across all key systems holding personal, confidential data, and in particular for remote access into the firm’s network. The Commissioner says that MFA is particularly important for authentication to services that hold sensitive or private data.
  • Sensitive client data not being encrypted, resulting in a loss of confidentiality when accessed by unauthorised users.

935% increase in ransomware attacks

The UK Government’s National Cyber Security Centre (NCSC) has reported an eye-watering 935% increase in ‘double-extortion’ ransomware attacks since 2021. In this kind of attack, the criminals exfiltrate stolen data before they encrypt it, then threaten public release of the (often sensitive) data to try to force payment.

This is not an isolated statistic. Post pandemic cyber fraud figures should give all businesses cause for concern. According to Proofpoint’s 2022 ‘State of the Phish’ report, more than 9 in 10 UK firms were successfully compromised by an email phishing attack in 2021.

How compliant is your business?

1. Do you apply MFA to all accounts and systems where sensitive or critical data or assets are stored? This includes remote access functions and cloud-based applications, including Microsoft 365 and online services such as Dropbox or DocuSign. It is also important to proactively recommend that your customers and other third parties do the same, so you can better trust your interactions with them.

2. Are you sure that all your systems are always kept up to date with the necessary security updates? This does not simply mean relying on your anti-virus being up to date: understand the process for managing software vulnerabilities and updates, even if an external IT provider delivers the service.

3. Is sensitive data (e.g., customer or staff data) adequately secured with appropriate encryption? Personal data should be encrypted whether it is at rest or in transit.

4. Do you carry out regular cyber risk reviews to identify your business’s online security vulnerabilities? Are you confident you aren’t exposed to common cyber threats?

Free cyber risk review for QBE customers

QBE helps businesses build resilience through risk management and insurance.

As a global business insurer, we know that the constant and evolving cyber threat can be challenging for firms of all sizes.

To help in the fight against cybercrime, we’re offering a complimentary ‘CyberProfiler’ business cyber risk review, delivered by our partner, cyber risk experts STORM Guidance. You’ll receive a non-intrusive outside-in view of your online vulnerabilities and a report alerting you to any weak areas exposed to cyber-attack, along with recommendations to reduce the risk.

Need to claim? Report it early

Finally, a reminder that if you have an incident and need to make an insurance claim, it’s important that you report it as soon as possible, ideally the same day. Reporting a claim early can save time and help you to receive support and any claim payments faster, as well as allowing us to help mitigate the cost of third-party claims.