September Cyber Incidents

Posted on September 30, 2021 by Marijana Dabic

It’s been busy in the world of cyber risk, and September is no exception. In the past month, we’ve seen big players like Apple and Microsoft suffer zero-day vulnerabilities as well as ransomware continuing to wreak havoc across the globe.

The return of the REvil ransomware groupThe REvil ransomware gang has returned and is attacking new victims and publishing their stolen files.
Following a massive attack on July 2nd, which exploited a zero-day vulnerability in the Kaseya VSA platform to encrypt 60 managed service providers and over 1,500 businesses, REvil shut down their infrastructure and completely disappeared. The attack’s impact was felt worldwide, bringing the attention of international law enforcement, and the REvil gang suddenly shut down on July 13th.

To everyone’s surprise, the REvil ransomware gang came back to life on 7th September under the same name when the Tor payment/negotiation and data leak sites suddenly turned back on and became accessible. Proof of new attacks emerged on September 9th when someone uploaded a new REvil ransomware sample compiled on September 4th to VirusTotal. On September 11th, the group published screenshots of stolen data for a new victim on their data leak site.
Windows MSHTML zero-day exploits shared between attackersThreat actors are sharing Windows MSHTML zero-day (CVE-2021-40444) tutorials and exploits on hacking forums, allowing other hackers to start exploiting the new vulnerability in their own attacks.
On 7th September, Microsoft disclosed a new zero-day vulnerability in Windows MSHTML that allows threat actors to create malicious documents, including Office and RTF docs, to execute commands on a victim’s computer remotely. After the vulnerability was disclosed, Microsoft Defender and other security programs were configured to detect and block parts of this attack.

While these mitigations will help, as the exploit has been modified not to use ActiveX controls, users are still at risk until an official security update is released. Until Microsoft releases a security update, everyone should treat all Word and RTF attachments suspiciously and their source manually verified before opening them.
Olympus hit with BlackMatter ransomwareOlympus, a leading medical technology company, is investigating a “potential cybersecurity incident” that impacted some of its EMEA IT systems last week. Olympus has more than 31,000 employees worldwide and over 100 years of history developing for the medical, life sciences, and industrial equipment industries.
While Olympus did not share any details on the attackers’ identity, ransom notes left on systems impacted during the breach point to a BlackMatter ransomware attack. The same ransom notes also point to a Tor website the BlackMatter gang has used in the past to communicate with victims.
Apple patches zero-day flaw exploited by NSO GroupApple has released security updates for a zero-day vulnerability that affects every iPhone, iPad, Mac and Apple Watch. Citizen Lab, which discovered the vulnerability and was credited with the find, urges users to immediately update their devices.
Citizen Lab said it has now discovered new artifacts of the ForcedEntry vulnerability which it first revealed in August as part of an investigation.

This exploit is significant because it breaks through new iPhone defenses that Apple had baked into iOS 14, dubbed BlastDoor, which were supposed to prevent silent attacks by filtering potentially malicious code. Citizen Lab calls this exploit ForcedEntry for its ability to skirt Apple’s BlastDoor protections.

Citizen Lab said it attributes the ForcedEntry exploit to NSO Group with high confidence, citing evidence it has seen that it has not previously published.

Source: www.cfcunderwriting.com

Cyber Tips: Backup Policies

Posted on August 30, 2021 by Marijana Dabic

Data is the most valuable part of a computer system and may be irreplaceable if lost to a ransomware attack or a hardware failure, or if it becomes corrupted. The following tips will assist you planning and preparing a backup policy for an incident in case the worst happens.

What is a backup policy?

A backup policy is a well-thought-out plan to mitigate against data loss that could happen due to a ransomware attack, hardware failure, data corruption, or some other detrimental event. If implemented well, it can help an organization to return to business as usual more quickly and easily.

The complexity of the backup policy will depend on the size of the organization, the number of applications and databases it uses, and the quantity of data that requires backing up. It will also depend on company policy and regulatory obligations applicable to the organization.

How do I implement backup policy best practice?

1. Identify your most critical data and plan accordingly

By identifying the most critical data to your business, resources can be allocated to ensure that this data is protected and prioritized. Backups can be tailored to that particular data accordingly.

2. Take frequent backups

If you have mission-critical data, then attention should be paid to the frequency of the backups that are taken.

3. Use the 3-2-1 approach to backups

Create three copies of your data in addition to the original file, using two different backup media types stored locally and one copy stored remotely offsite.

Backups should be isolated or air-gapped from the network when not actively backing up data. Backup media should never be permanently connected physically or over the network.

4. Employ versioning to data

Backups should contain old versions of your data, not just current versions of files backed up most recently. This is important in case of file corruption or ransomware that may be lurking in current data backups.

5. Periodically test the integrity of your backups

Data should be checked regularly to ensure that it is accessible and readable.

Other considerations for your backup policy

o Data should be encrypted when backed up. This will help prevent unauthorized access.

o Consider making your backups immutable, so they cannot be altered by you or the bad actors.

o Consider using remote storage. Cloud based storage can be a cost-effective option if managed correctly.

o Automate backups where possible. This will make the practice of backing up your data a part of everyday business.

o Consider the retention period for your backups. This is especially important if you are using cloud services to back up your data. Cloud data storage costs can mount up so determine a sensible length of time for storage in your backup policy, considering legal and regulatory obligations.

o Consider your data retention policy. Do you actually need all the data that you are storing and backing up? Often data is stored unnecessarily adding an unnecessary cost and has additional security burdens if exposed.

Source: www.cfcunderwriting.com

Esports Accelerating into Mainstream Entertainment Market

Posted on July 28, 2021 by Marijana Dabic

Imagine a nascent but fast-growing global market generating revenues running to billions of dollars and annual audiences well into the hundreds of millions. Now stop imagining – what you’re thinking about is the world of esports.

Moving mainstream

Esports have been developing for some years now, and the growing numbers and sophistication of the market prove it is here for the long haul.

Most of us are familiar with online gaming. Esports takes things one step further. Instead of people playing video games on their own, esports has created an entire online and in-person spectator experience around these games.

Professional players compete alone or as part of teams, battling each other in tournaments or as part of a league. Audiences fill out arenas, watching players fight it out on massive screens, or supporters log in online and watch their favourites play remotely.

In 2017, esports generated almost $700m in revenues worldwide and a global audience of almost 400 million.

In 2021, despite the impact of COVID-19 on physical spectator events, the market is forecast to have revenues of almost $1.1bn and an audience of 475 million.

Market stakeholders

There are many different stakeholders in the world of esports. There are the publishers who make the games that people play. There are then the tournament organizers. In many cases, publishers run their own tournaments, but there are also lots of third parties organizing events.

Streaming platforms such as Twitch or YouTube Gaming allow players to record and broadcast themselves to online audiences, who can then engage with supporters as they play. These players are often part of professional teams.

There are then the fans, who watch online or attend live events. They spend significant sums on merchandise and can support players through donations and subscriptions.

On top of all this sit the sponsors who provide the lion’s share of the market’s revenue and in 2021 this segment will account for almost 60% of the money generated by esports.

Investment interest

Understandably, investors want to get involved in a market that is generating revenues that will exceed $1bn this year and where live stream viewer numbers are exploding.

The COVID-19 lockdown restrictions accelerated the growth in these numbers, which will continue to grow as more games are tailored for watching on mobile devices and the experience for remote users improves.

FaZe Clan has led the way in monetizing interest in gaming through an entertainment-first model which has garnered a global fanbase of 339 million combined across all social platforms.

Audiences of this scale offer significant opportunities and it is no surprise that most of the money generated in the esports market comes from outside of competitive play.

New concepts are being developed quickly and are proving hugely successful. For example, a Travis Scott concert was hosted and broadcast within the game Fortnite. Players could drop in and watch the concert as part of their playing experience. They could also buy digital merchandise as part of the show.

The concert attracted 27.7 million unique viewers across five showings within the game, demonstrating the potential of these innovative events to engage new and sizeable audiences.

Risk and reward

In 2024, esports is on track to appear at the Paris Olympics as a side event. This sort of mainstream exposure will further accelerate its already stellar growth and make it even more attractive to big brands and sponsors.

In recent months, the restrictions on live events created by COVID-19 have seen many professional sports turn to esport alternatives to maintain audience engagement.

It is also the case that as a developing market, esports has not yet been standardized, increasing the number of opportunities to engage with the multiple structures surrounding the various players, teams, leagues and tournaments.

In the same way that professional football, or any other established global sport, relies on insurance, elite level esports has the same need for safeguards and protections, and demand is growing.

It is a market that is brimming with potential from media, entertainment and advertising to sponsorship, contingency and individual players.

Source: www.cfcunderwriting.com

Rebooting the Events Industry

Posted on June 25, 2021 by Marijana Dabic

COVID-19 dragged the events industry off a cliff, and the climb back to the top has still got a long way to go.

Governments across the globe have earmarked dates to do away with limits on social contact and it’s these dates the entire events sector is eagerly awaiting.

The pent-up demand to host and attend events is palpable and in recent weeks we have begun to see a noticeable uptick in the number of enquiries coming through to our contingency team.

This is especially the case for smaller events that do not require the same lead time or upfront investment as flagship gatherings such as Glastonbury or Coachella.

Supporting the transition back to full scale live events

The idea is to let several events go ahead in tightly controlled environments, so organizers and authorities can work out the best way to hold them safely in the future. Governments will be offering compensation should a pilot event be cancelled due to public health reasons.

Many people are clamouring for a comprehensive support package from the government in terms of providing backstop contingency cover for future events. In addition, any such cover would probably require event organizers to have their own insurance in place to respond in the first instance.

As brokers and their clients seek to arrange cover for their forthcoming events, they will have to bear in mind the significant impact COVID-19 has had on the contingency market.

Changing market dynamics

When the first lockdowns came into force in early 2020, scheduled events simply disappeared from the agenda. Enquiries for cover fell away to nothing and plans for live events were cancelled or shelved.

Some carriers took COVID-19 as their cue to leave the market, although there were also new entrants who saw it as an opportunity to capitalize on hardening rates.

At the moment, the small number of risks being placed in the market means it is difficult to tell just how much rates have hardened. But that will become more apparent in the coming months as volumes return to something more like normal.

Given the scale of recent losses and the historically soft nature of the pre-pandemic market, it is inevitable the price rises will be significant.

In addition, policyholders should expect exclusions for COVID-19 and communicable diseases to be standard. This cover will still be available if it is specifically required, although it will come at a cost and from a reduced number of carriers.

In truth, communicable disease exclusions were standard in the contingency market before the onset of COVID-19, although there will be more focus on them in its aftermath.

Where the difference between the pre and post pandemic market will be more pronounced is in the ability to find underwriters prepared to take on an entire risk. This issue will be more prevalent for larger events and brokers may find themselves having to engage with numerous markets to place the full cover required, when a single carrier might have offered it in the past.

Heightened awareness of risk

In a devastatingly short period of time, COVID-19 has shown the debilitating power of pandemics to bring live events, and economies more generally, to a halt.

Previous public health issues such as Middle East respiratory syndrome (MERS) and Severe acute respiratory syndrome (SARS) never delivered the widespread disruption they threatened. This cannot be said of COVID-19 and it has significantly heightened the awareness of the cancellation risk faced by the events sector.

This more practical understanding of cancellation risk should increase the penetration of contingency insurance and grow the overall size of the market in the coming months and years.

Even if event organizers decide not to buy cover, risk management considerations will be much higher up their agenda and they will be more open to discussions on the subject as they plan their event.

This extra interest should also act as a catalyst for brokers to strengthen existing client relationships and to develop new ones. It may also encourage clients to be more active in assessing and understanding the exact nature of the wordings and definitions in their policies. Such engagement would be positive for the market and minimize unexpected outcomes in the event of a loss.

In whatever way brokers and their clients interact with the contingency market going forward, they can rest assured it will be there to offer them the cover they need. Underwriters are just as desperate as they are to see live events back on the daily agenda.

Source: www.cfcunderwriting.com

What is the Internet of Things?

Posted on May 31, 2021 by Marijana Dabic

Dongles, Fitbits, Alexa, smart watches and more – we are all familiar with these handy pieces of tech. With ever-increasing functionality and user hype, the Internet of Things (IoT) is no doubt a growth market. But what defines IoT? How did we get here? What are the risks? And how much further can this tech go?

What is IoT?

It is estimated that there is a staggering 31 billion IoT devices online, but what exactly are they? The IoT refers to devices with embedded technologies that allow them to exchange data with other devices and systems over the Internet. An example of this is a smart home equipped with various interconnected devices (e.g., smart lighting, smart thermostats etc.) that can be controlled from a single app or device. Being able to turn on the heating and launch your favourite playlist before you have even stepped foot in your home, all from your phone, is surely not a bad thing.

IoT devices are also being deployed increasingly for commercial application. A study in the US estimates that 35% of manufacturers utilize IoT sensors within their manufacturing processes. Sensors can track parts as they move through the assembly line, giving process engineers improved oversight compared to traditional methods. This increased transparency can drive down costs for manufacturers and improve their bottom line.

How did we get here?

Technology companies have been trying to connect devices to the Internet for well over 40 years, with one of the first examples being a vending machine in the 1980s. This allowed the vending machine to report on its inventory and whether or not drinks were cold. For many reasons early attempts to develop this technology were largely unsuccessful. This quickly changed with the advent of smaller, cheaper to produce chips that could efficiently connect devices to the Internet. By 1999, technology pioneer Kevin Ashton had coined the phrase “Internet of Things”.

What are the key exposures for IoT devices?

Cyber vulnerabilities: Given their size, it is often hard to integrate robust cyber defences into IoT devices to fend off hackers. Once a hacker gains access, they can infiltrate the network the smart device is connected to. In what sounds like a Hollywood blockbuster movie, hackers managed to gain access to a casino’s network via a smart thermometer located in the fish tank, walking away with 10 gigabytes of the casino’s data – not quite suitcases of cash but just as valuable!

Intellectual property exposure: IoT is a competitive market with many large companies fighting for market share, but with this comes the very real potential for IP litigation. In particular, the complex nature of IoT can mean that companies can unknowingly infringe patented inventions and risk IP infringement allegations from competitors.

Bodily injury and property damage: Given the fact that IoT involves physical devices, there is an inherent exposure to bodily injury/property damage when compared to a non-hardware-based technology. For instance, the FDA had to recall 500,000 pacemakers in 2017 after concerns around cyber vulnerabilities which could be exploited to drain the battery or alter the heartbeat. The recall did not involve replacement of the pacemakers. Instead, medical staff were able to patch the security holes. Nonetheless, this highlights our reliance on IoT for critical functions and the potential for catastrophic loss.

What does the future look like for this growth area?

It is safe to say that the number of IOT devices will only increase and their functionality will also become more sophisticated. For better or worse, IoT is here to stay. Here are a couple of ways IoT may change the world in the coming years:

The idea of a “smart home” is something we are familiar with, but the idea of a “smart city” is still being developed. IoT has the potential to change the way we interact with the cities we inhabit. Smart cities will use a host of IoT devices to collect data using sensors, which can then be analyzed to improve health services, transport infrastructure and other services.

Farming is one of the oldest industries in the world, and while it has grown leaps and bounds from the days of horse-drawn farming, IoT has the ability to further modernize the sector. For example, sensors can be used to monitor weather conditions, livestock, agricultural drones and assist with crop management. Smart farms can drive efficiencies and bring down costs, making farming more profitable and environmentally friendly.

Global research firm Gartner estimates that by 2025 there will be 75 billion IoT devices connected to the Internet. The rapid rise of the number of units in circulation and the ever-increasing functionality of IoT brings with it increased exposures and risks.

Companies developing, manufacturing, or selling these devices need a comprehensive insurance policy to cover their exposures. CFC has a dedicated technology policy and an inhouse team of claims experts to deal with any issues that may arise. For more information, please contact ABEX or CFC.

Source: www.cfcunderwriting.com