and attacks a password-protection mechanism.
Social engineering/cyber fraud: An attack on the individuals and policies of an organisation.
Distributed Denial of Service attack (DDoS): Overloading of a server with connections, with the aim of shutting down the target’s website or network system.
Phishing attacks: Hundreds of emails with an attachment or link are sent in the expectation that someone will click on these links/attachments, allowing the hacker to take control of the system.
Malware, spyware, ransomware: Malicious software created with the intent of gaining unauthorised access, including by uploading viruses or spyware.
Damage from cyber attacks
Cyber attacks can inflict significant financial damage to any organisation. The type of damage could be any of the following:
• Lost time and productivity
• Remediation time
• Cost of purchased technologies
• Cost of outside consultants and technologies
• Short-term damage to reputation, brand and image
• Loss of revenue
• Cost of notification
• Out-of-pocket costs to prevent harm to victims
• Lost customers
• Regulatory fines and lawsuits
• Long-term damage to reputation, brand and image
Unlike risks in the physical world, cyber attacks can proliferate instantly and cause a disproportionate level of damage. As shown in the graph above, the cumulative cost of just one of these risks (data breach) runs into billions of dollars.
Figure: Data breaches cost billions of dollars and wreak havoc across financial institutions. Source: Cost of Data Breach Study: Global Analysis, Ponemon Institute.
Figure: Price and coverage score highly in cyber insurance buying decisions.
Over the last few years, large banks have experienced a number of cyber attacks and failures:
• Cyber crimes: In 2013, hackers stole £1.3 million by hijacking the computer system of a branch of a British bank.
• Data breach: In 2015, a bank paid £5 million in compensation to 2,000 customers whose personal data was stolen from a bank. Also, in 2017, Bupa suffered a data breach affecting 500,000 customers on its international health insurance plan.
• Technical glitches: Through 2015, a bank was affected by technical glitches caused by malignant sources. This included online and shop refusal glitches, ATM and money withdrawal glitches and complete digital channel glitches.
• Electronic record storage failures: Barclays was fined £2.3 million by the US Financial Industry Regulatory Authority (FINRA) in 2014 for one such widespread failure. Such records must be kept for a period of at least 10 years, to protect investors.
• Blocking access to accounts: Lloyds Banking Group suffered a 48-hour online attack in January 2017 as cyber criminals attempted to block access to 20 million UK accounts.
• Fraud: In 2011, 360,000 Citi accounts were hacked and about $2.7 million was stolen.
So the demand for cyber-security insurance has been growing exponentially in the last few years. The global market for cyber security insurance is estimated to grow to more than $20 billion
www.ibsintelligence.com | © IBS Intelligence 2017