Have you ever been hacked? If not, then invest in cybersecurity a lot because email hacking or what is dubbed as Business email compromise (BEC) attacks in the tech world have overtaken both ransomware and data breaches.
According to Insuarence Giant AIG, BEC has been recorded as the leading main reason why companies filed a cyber-insurance claim in the EMEA region last year alone.
Statistics published by the firm in July revealed that BEC-related insurance filings accounted for 23 percent of all cyber-insurance claims received by the company in 2018.
Of those surveyed, almost half (47%) have been hit by a ransomware attack as a result of an employee opening a suspicious email and 31 percent fell victim to a business email compromise (BEC) attack. However, the majority (75%) of organizations have been hit by a brand impersonation attack.
- One trillion phishing emails sent every year
- Hackers target Office 365 business accounts
- US presidential candidates aren’t using basic email security
According to Barracuda research, finance departments are the most targeted by email-borne cyber-attacks according to 57 percent of respondents. Though 32 percent said that customer support was their most targeted department which could signal the start of a new trend among would-be attackers.
According to the Communications Authority of Kenya, local organizations were hit by 11.2 million cyber threats. This records a 10.1 percent increase in the number of incidences in the first quarter of 2019 when compared to the previous quarter. CAK’s incident response centre detected growing cases of malware, web application attacks, system misconfiguration, and mostly online abuse.
According to AIG, the recent rise in cyber-insurance claims from BEC attacks was caused by poor security measures at victim companies including the use of poor passwords for email accounts, not using multi-factor authentication and the lack of employee training about email-based attacks.
Although BEC attacks currently hold the top spot, AIG expects that ransomware may regain its top spot soon. As ransomware became more targeted, the number of ransomware-related cyber-insurance claims dropped last year. This is because those launching ransomware attacks have begun to target businesses and government organizations as opposed to consumers. The number of incidents may be lower but the attackers behind them are receiving larger payouts.
As enterprise and government victims learn that they can offset losses by filing a cyber-insurance claim, AIG believes that the number of claims will go up despite the smaller number of ransomware infections recently. This trend has already become widespread globally and a recent investigation discovered that insurance companies are now advising victims to pay the ransom demand and then file a cyber-insurance claim afterward.
AIG also found that GDPR has affected the number of cyber-insurance claims filed as businesses can no longer hide data breaches and have to disclose them under the regulation. Now companies are publicly revealing their data breaches and filing a cyber-insurance claim to help cover some of their costs and any fines levied against them under GDPR.
A fifth of all the cyber-insurance claims AIG received in 2018 included a public GDPR notification. However, the firm found that these claims included costs that were significantly higher than those did not include a GDPR data breach notification.
Here is a source highlighted and review of the best antivirus software of 2019.
Kenya Insights allows guest blogging, if you want to be published on Kenya’s most authoritative and accurate blog, have an expose, news TIPS, story angles, human interest stories, drop us an email on [email protected] or via Telegram