Menu

Do you think your small business is at risk of being hacked? An overwhelming 87% of small business owners don’t think so. But, your business might be at risk more than you realize. About half of small businesses experience a cyber attack.https://www.forbes.com/sites/mikekappel/2017/11/08/5-ways-to-improve-your-small-business-cybersecurity/#22d3f7241f6f

(Reuters) — The Trump administration on Wednesday publicly released its rules for deciding whether to disclose cyber security flaws or keep them secret in an effort to bring more transparency to a process that has long been cloaked in mystery.http://www.businessinsurance.com/article/20171115/NEWS06/912317279/Trump-administration-releases-rules-on-disclosing-cyber-flaws

(Reuters) — Up to 180 million smartphone owners are at risk of having some of their text messages and calls intercepted by hackers because of a simple coding error in at least 685 mobile apps, cyber security firm Appthority Inc. warned Thursday.http://www.businessinsurance.com/article/20171109/NEWS06/912317174/Mobile-app-errors-expose-data-180-million-phones-Appthority-security-firm?utm_campaign=BI20171109BreakingNewsAlert&utm_medium=email&utm_source=ActiveCampaign

ATLANTA — Cyber coverage continues to evolve as the focus on types of perils changes, according to a panel of insurance industry experts speaking Thursday morning at the 30th annual Professional Liability Underwriters Society Conference in Atlanta.http://www.businessinsurance.com/article/20171102/NEWS06/912316989/Cyber-coverage-focuses-on-business-interruption-as-triggers-evolve-PLUS-conferen

 

 

Unfortunately, small businesses are sorely mistaken about their attraction to cyber attackers. A recent study (Ponemon Institute 2016 State of SMB Cybersecurity) found that in the last 12 months, hackers have breached half of all small businesses in the U.S.http://detroit.cbslocal.com/2017/10/24/small-businesses-risk-cybersecurity-attacks/

 

3D printing is on the verge of mainstream adoption, which will mean a fundamental shift in manufacturing. The driving force is not improvements to the technology, although those are also important, but rather a transformation in the industry’s business model.https://hbr.org/2017/10/3d-printing-gives-hackers-entirely-new-ways-to-wreak-havoc?utm_campaign=hbr&utm_source=linkedin&utm_medium=social

 

 

(Reuters) — The U.S government issued a rare public warning that sophisticated hackers are targeting energy and industrial firms, the latest sign that cyber attacks present an increasing threat to the power industry and other public infrastructure.http://www.businessinsurance.com/article/20171023/NEWS06/912316709/US-warns-public-about-attacks-on-energy,-industrial-firms

 

 

Yahoo’s been through it. So has the Democratic National Committee. More recently, it was Equifax. But it’s not just large businesses and organizations that are targeted by hackers. In fact, 1 in 5 small businesses has been targeted by a cyberattack, according to a study published Thursday by the Better Business Bureau.http://www.chicagotribune.com/business/ct-biz-better-business-bureau-small-business-cybersecurity-report-20171012-story.html

 

 

NEW YORK — The growing business role of the internet, the mounting exposures this brings and ways to manage and mitigate these new threats topped the agenda at a meeting of cyber experts which coincided with the start of National Cyber Security Awareness Month.http://www.businessinsurance.com/article/20171010/NEWS06/912316402/Cyber-awareness-campaign-aims-to-highlight-growing-exposures?utm_campaign=BI20171010BreakingNewsAlert&utm_medium=email&utm_source=ActiveCampaign

 

Today Yahoo sent out a notice disclosing that a further investigation of the  2013 breach has produced new evidence. The company now believes that all of its three billion accounts were impacted, not 1 billion as it previously thought.https://techcrunch.com/2017/10/03/yahoo-says-all-3b-accounts-were-impacted-by-2013-breach-not-1b-as-thought/

 

(Reuters) — Property Claim Services (PCS), a Verisk Analytics company, estimated an insured loss of $125 million from a massive data breach disclosed last month by Equifax Inc., that has plunged the credit-monitoring company into crisis.http://www.businessinsurance.com/article/20171002/NEWS06/912316241/Equifax-data-breach-to-cost-insurers-$125-million-Lloyds-Beazley?utm_campaign=BI20171002BreakingNewsAlert&utm_medium=email&utm_source=ActiveCampaign

 

 

More than half of U.S. businesses have experienced a cyber attack in the past year, according to a survey of executives released by Hartford Steam Boiler Inspection & Insurance Co. on Thursday.http://www.businessinsurance.com/article/20170928/NEWS06/912316166/Over-half-of-US-businesses-have-been-hacked-Hartford-Steam-Boiler-survey?utm_campaign=BI20170928DailyBriefing&utm_medium=email&utm_source=ActiveCampaign

 

The Securities and Exchange Commission, the country’s top Wall Street regulator, announced Wednesday that hackers breached its system for storing documents filed by publicly traded companies last year, potentially accessing data that allowed the intruders to make an illegal profit.https://www.washingtonpost.com/news/business/wp/2017/09/20/sec-reveals-it-was-hacked-information-may-have-been-used-for-illegal-stock-trades/?utm_term=.9a675f5cd94a

 

 

Travelers who check into hotels may run into some uninvited guests in the form of hackers looking to steal their financial information, analysts warn.http://www.businessinsurance.com/article/20170919/NEWS06/912315920/Hotel-industry-fights-constant-hacker-exposures-Wi-Fi-payment-cards?utm_campaign=BI20170919BreakingNewsAlert&utm_medium=email&utm_source=ActiveCampaign

 

We are happy to announce a new partnership with CyberScoutTM, a leading provider of identity and data breach defense services, for our Allied Reinsurance Company (ARC) program, which reduces the risks related to cyber crime for our clients. Captive carriers accounted for about half of the personal lines market in 2016 and according to a 2016 survey by the Captive Insurance Companies Association (CICA), cyber risk is the number one emerging risk cited by captive insurance company owners and the number one non-traditional risk.http://mailchi.mp/b4be79c8df73/new-partnership-with-cyberscout?e=0f58a45b50

 

 

A trailer is not a warehouse covered by an insurance policy, says a federal appeals court in upholding a ruling in favor of Starr Indemnity & Liability Co. in a coverage dispute with a computer wholesaler over a theft.http://www.businessinsurance.com/article/20170905/NEWS06/912315645/A-trailer-is-not-a-warehouse,-says-court-on-Starr-policy?utm_campaign=BI20170905BreakingNewsAlert&utm_medium=email&utm_source=ActiveCampaign

 

(Reuters) - A U.S. judge said Yahoo must face nationwide litigation brought on behalf of well over 1 billion users who said their personal information was compromised in three massive data breaches.https://www.reuters.com/article/us-verizon-yahoo-breach/yahoo-must-face-litigation-by-data-breach-victims-u-s-judge-idUSKCN1BB25Q

 

Hiscox, the international specialist insurer, today released the 2017 Hiscox Embezzlement Study™, an examination of employee theft in the US. The findings reveal that US businesses impacted by employee theft lost an average of $1.13 million last year. Small and mid-sized companies (fewer than 500 employees) continue to be disproportionally victimized by employee theft, representing approximately 68 percent of cases.https://globenewswire.com/news-release/2017/08/23/1091456/0/en/Employee-theft-cost-US-businesses-an-average-of-1-13-million-in-losses-according-to-2017-Hiscox-Embezzlement-Study.html

 

In a case that is on remand from the U.S. Supreme Court, an appellate panel has ruled that a plaintiff in a Fair Credit Reporting Act case has alleged a concrete injury from an inaccurate consumer report and can proceed with his case.http://www.businessinsurance.com/article/20170816/NEWS06/912315221/Fair-Credit-Reporting-Act-case-against-Spokeo-can-proceed

 

 

 

The digital world is expanding at such a rapid pace that we are required to not only increase resources, but also become more agile in addressing potential dangers for our organizations – even those not in the financial industry.https://risk-management.cioreview.com/cxoinsight/as-technology-industry-evolves-erm-takes-active-role-in-planning-nid-24809-cid-141.html

 

Protecting trade secrets has become more challenging in the cyber age, analysts say, and the loss of trade secrets can cause serious — sometimes permanent — damage to a company.http://www.businessinsurance.com/article/20170808/NEWS06/912315014/Trade-secret-risks-a-challenge-in-evolving-cyber-age?utm_campaign=BI20170808RiskManagement&utm_medium=email&utm_source=ActiveCampaign

 

A federal appeals court has reinstated a putative class action lawsuit filed by health insurer CareFirst Inc. customers in connection with a 2014 data breach, holding their potential risk of injury from the breach is “substantial.”http://www.businessinsurance.com/article/20170801/NEWS06/912314862/Data-breach-class-action-against-health-insurer-CareFirst-reinstated

 

Law360, Los Angeles (August 2, 2017, 10:17 PM EDT) -- A Michigan federal judge ruled Tuesday that Travelers doesn't have to cover a tool manufacturer's losses from an email-based theft scheme, giving insurers more ammunition to argue that computer fraud insurance doesn't apply to multistep scams and deepening a divide among the nation's courts on the scope of such policies.https://www.law360.com/insurance/articles/950528/travelers-win-deepens-divide-over-computer-fraud-coverage?nl_pk=d0a96663-dfd2-44eb-80db-7e18d6ac47b9&utm_source=newsletter&utm_medium=email&utm_campaign=insurance

 

by
|
In the neonatal intensive care unit of Cook Children's Hospital in Fort Worth, Texas, a father is rocking a baby attached to a heart monitor. http://www.npr.org/sections/health-shots/2017/07/26/539290596/hospitals-face-growing-cybersecurity-threats

In the neonatal intensive care unit of Cook Children's Hospital in Fort Worth, Texas, a father is rocking a baby attached to a heart monitor. http://www.npr.org/sections/health-shots/2017/07/26/539290596/hospitals-face-growing-cybersecurity-threats

The WannaCry worm is still alive. Honda said this week that it was forced to halt production for one day at its Sayama plant near Tokyo after finding the WannaCry ransomware in its computer network. https://www.forbes.com/sites/peterlyon/2017/06/22/cyber-attack-at-honda-stops-production-after-wannacry-worm-strikes/#6fc68b195e2b

The recent “WannaCry” cyberattack affected hundreds of thousands of computers around the world. The attack targeted organizations of every type, including hospitals, government agencies, and corporations, freezing computers and locking out users until they paid a “ransom” to release their data. http://www.cobizmag.com/Trends/Ransomware-is-on-the-rise-What-is-it-and-how-to-protect-your-company/

South Bend-based Beacon Health System is notifying about 1,200 patients that a former employee accessed patient records without proper authorization. The health system says it is unaware of any "actual or attempted misuse of patient information," which included Social Security numbers and possibly financial and health insurance information. http://www.insideindianabusiness.com/story/35546341/beacon-details-unauthorized-access-of-patient-records

After completing a probe with cybersecurity firms and law enforcement, Chipotle  (CMG) now believes that customers at stores across 48 states could have been affected by a hack on the company's payment systems between March 24 and April 19. In some cases, the stolen data contained the customer's name in addition to their card number, expiration date and verification number.  https://www.thestreet.com/story/14153756/1/chipotle-admits-cyber-attack-affected-most-u-s-stores.html

Ransomware is a growth industry – and it's growing because it works. Attacks by hackers that lock up data unless a ransom is paid shot up an unbelievable 6000% worldwide in 2016 over the previous year. According to the FBI, hackers “earned” over a billion dollars in ransomware attacks in 2016, some five times over the amount they netted in 2015. https://www.infosecurity-magazine.com/opinions/small-business-prepare-ransomware/

A medical device firm has agreed to pay a $2.5 million settlement in connection with a laptop stolen in 2012, said the U.S. Department of Health and Human Services’ Office for Civil Rights. http://www.businessinsurance.com/article/20170428/NEWS06/912313164/Medical-firm-settles-with-HHS-for-2-and-half-million-dollars-over-stolen-laptop?utm_campaign=BI20170428DailyBriefing&utm_medium=email&utm_source=ActiveCampaign

Cybercriminals had a very good year in 2016 — and we all paid the price.

These digital bandits became more ambitious and more creative and that resulted in a year marked by "extraordinary attacks," according to the 2017 Internet Security Threat Report from Symantec. "Cyber crime hit the big time in 2016, with higher-profile victims and bigger-than-ever financial rewards," the report concluded. http://www.nbcnews.com/tech/tech-news/cybercriminals-breached-over-billion-accounts-last-year-n753131

As we move beyond the widespread acceptance and use of online banking and trading platforms and push further into an increasingly digital financial marketplace, consumers face new forms of risk—namely, cyber risk—that would have been unfathomable previously. When confronted with risks that could be financially devastating, consumers are driven to mitigate and insure against such perils. Has the time come to purchase insurance for financial cyber risks?http://origin-nyi.thehill.com/blogs/pundits-blog/technology/330464-can-cybersecurity-insurance-protect-consumers-from-attacks

Instances in which Iowans’ identity was stolen jumped a whopping 30 percent, from a rate of 56 people for every 100,000 Iowans in 2014 to 73 just a year later, in 2015.

Most of the thefts happened via the internet. The growth in Iowa mirrors what is happening nationwide. Thefts via the digital world are on the rise as the crime evolves with technology. Yet, many people making legitimate purchases online still have a false sense of security about their private financial information. http://iowawatch.org/2017/04/26/unsuspecting-iowans-fall-into-cyberattack-web/

Hackers are demanding increasingly hefty ransoms to free computers paralyzed with viruses, as cyber criminals seek to maximize profits from large numbers of victims willing to pay up, according to cyber security firm Symantec Corp. http://www.businessinsurance.com/article/20170426/NEWS06/912313099/Cyber-extortion-ransomware-demands-surge-victims-keep-paying-Symantec?utm_campaign=BI20170426BreakingNewsAlert&utm_medium=email&utm_source=ActiveCampaign

Ransomware, identified by the U.S. Department of Justice as the “biggest cyberthreat” of 2017, isn’t just a problem for big businesses like hospitals or banks. Cyberthieves are increasingly targeting the malicious software, which locks all files on a targeted computer or network until the owner pays up, at smaller and arguably more vulnerable organizations.

Why ransomware increasingly targets the little guys

 

Almost 40% of computers in industrial applications were subjected to cyber-attacks in the second half of 2016, according to new research from Kaspersky Lab ICS Cert. It also reveals that the percentage of industrial computers (IPCs) under attack rose from more than 17% in July 2016 to more than 24% by December 2016. The top three sources of infection were the Internet, removable storage devices, and malicious e-mail attachments and scripts embedded in the body of e-mails. http://drivesncontrols.com/news/fullstory.php/aid/5386

You might think your smartphone or laptop is relatively safe from cyber attacks thanks to anti-virus and encryption software. But your devices are increasingly at risk from “side-channel” attacks, where an intruder can bypass traditional network entry points and use another way to compromise the device. http://theconversation.com/the-next-cyberattack-could-come-from-sound-waves-74716

Data breaches have resulted in hundreds of millions of data records being illegally accessed. Home Depot, Target, Michael’s, TJ Maxx, Snapchat, Facebook, Twitter, Sony, Kmart, Apple’s iCloud, First Commonwealth Bank, and P.F. Chang’s are just a few of the companies that have reported a major data breach. The Russian hacking of the Democratic National Committee during the 2016 Presidential campaign may have impacted the election. Similarly, DDos (Denial of Service) attacks have targeted banks and other financial service providers. http://www.lexology.com/library/detail.aspx?g=938c0783-bc64-407c-acc9-bcf92bb0eeff

 Security experts say how individual companies choose to save their data in anticipation of an outage depends on how long they can survive before the “lights” are turned back on. What level of availability does your company need? Is the face of your company an ecommerce site where even a few minutes offline can cost an astronomical sum? Will the cost of an active-active system outweigh the potential loss of business from an outage? http://www.csoonline.com/article/3178392/disaster-recovery/disaster-recovery-how-is-your-business-set-up-to-survive-an-outage.html

It is interesting to note the portions of the WikiLeaks Vault 7 dump that have elicited the most visceral response. Many pundits and analysts have divided their rage between targets like Julian Assange (the traitor), the leaking NSA/CIA employee (deep drip), and the NSA itself (Big Bro) for spying on U.S. citizens. But nowhere have I heard a word in the mainstream media about mis-attribution or Russian hacks. https://www.lifezette.com/polizette/u-s-intelligence-hamstrings-private-sector-security/

On Friday, a blog at Check Point Software Technologies’ website said that its engineers had found severe infections on 36 Android devices belonging to two unnamed telecommunication and multinational companies. The post pointed out that this is not unusual, but that the striking element is that the infections came preinstalled on the devices. http://www.itbusinessedge.com/blogs/data-and-telecom/the-android-supply-chain-is-not-secure.html

Data breaches have been occurring more frequently, and it is not just happening at large big-box retailers. In fact, most cybersecurity attacks target businesses with less than 250 employees because their security may be more vulnerable. So no matter the size of your business, it is important to manage the risks related to a data breach and reduce the significant costs that can result from one. Now might be the time to explore how cyber security insurance may protect your business. http://www.bizjournals.com/buffalo/news/2017/03/09/why-your-business-needs-cybersecurity-insurance.html

Today, we are just beginning to understand the seriousness of an emerging threat to the grid's cybersecurity. As the grid has become more dependent on computers and data-sharing, it has become more responsive to changes in power demand and better at integrating new sources of energy.http://www.dailymail.co.uk/sciencetech/article-4264862/US-power-grid-hacked-needs-better-cybersecurity.html

Some cyberattacks make it to the front pages of mainstream publications. We’ve read about the breach at Target of 40 million payment cards, and the cyberattack on Yahoo that compromised data from more than 1 billion user accounts. All these highly publicized cyberattacks have one thing in common: they involve customer data. http://www.forbes.com/sites/forbesinsights/2017/02/14/the-cyberattacks-we-dont-hear-about-but-should/#4c03773757c1

Researchers have issued a warning that hackers are resorting to the use of file-less malware programs to gain stealth access to the systems of organizations. This new form of attack is not only severe regarding its consequences but also represents a new threat, given its growing level of popularity. Here are details about this new form of stealth malware that you need to know. https://www.hackread.com/the-rise-of-file-less-malware-attacks/

Malicious viruses, like Stuxnet, explicitly target critical systems that control pumps, motors, valves and programmable logic controllers,” Deloitte warned in its ninth annual mining report. http://www.canadianunderwriter.ca/insurance/hacking-driverless-cars-concern-mining-industry-deloitte-1004108778/

November was another bumper month for big cyber attacks. There was something for everyone, with new mobile malware in the form of the Gooligan campaign, new distributed denial of service (DDoS) attacks through the Mirai malware and standard data breaches in the cases of Three and the National Lottery. http://www.cbronline.com/news/cybersecurity/breaches/monthly-attack-alert-biggest-cyber-attacks-november/

AS HACKERS wreak havoc with depressing regularity, the insurance industry finds itself forced to contemplate a whole new set of risks. They range from the theft of millions of credit-card numbers from American retailers to the disabling of the power grid, as happened in Ukraine last December. http://www.economist.com/news/finance-and-economics/21711086-only-cyber-calamity-will-reveal-how-ready-industry-insurers-grapple

When healthcare executives think of economics, their first thought no doubt is of money. But that’s not necessarily the right thought when it comes to the economics of cybersecurity, said Scott Borg, chief economist at the U.S. Cyber Consequences Unit. http://www.healthcareitnews.com/news/internet-things-enormously-expand-kinds-cyberattacks-hospitals-suffer-economist-says

A recent study performed by IBM's Resilient and the Ponemon Institute found that 66% of organizations would be unable to recover from a cyberattack. The results of the 2016 Cyber Resilient Organization study were released Wednesday, and show a decline in organizational resilience against cyberattacks. http://www.techrepublic.com/article/66-of-organizations-wont-recover-after-cyberattack-study-says/

Recently a software company in Florida was hacked. The company, which brings in about $25 million in annual revenue, serves clients such as Wal-mart and Big Lots. The hackers, based in Germany, got into the company's database, stealing all of its customer information. Hiring a data-recovery firm to undo the damage cost $5 million. http://www.cnbc.com/2016/11/17/cyber-hackers-the-biggest-threat-blowing-up-companies-worldwide.html

Whenever you read the words, ‘Google’, ‘China’ and ‘Hackers’ in the same sentence, it generally cannot be good news. A team of white hat hackers from China managed to hack Google’s flagship smartphone Pixel within 60 seconds. http://www.financialexpress.com/industry/tech/google-pixel-hacked-in-60-seconds-is-your-smartphone-safe-from-cyber-attacks/445351/

An "apology" from developer Hello Games over controversial space sim No Man's Sky this weekend has been blamed on a hack by a disgruntled employee. The incident began on the weekend when Hello Games' Twitter account posted a tweet simply stating that "No Man's Sky was a mistake." An email was also sent from the account of studio founder Sean Murray to a number of games journalists. http://www.gameplanet.co.nz/playstation-4/news/g5816855a6e5d7/No-Mans-Sky-mistake-tweet-blamed-on-hack/

The U.S. National Highway Traffic Safety issued recommendations to automakers on Monday on how to protect connected and automated vehicles from cyber attacks. The agency’s guidelines are suggestions, but cannot be enforced. http://www.bizjournals.com/pacific/news/news-wire/2016/10/25/hackers-have-proven-they-can-hijack-cars-so.html

Three-hospital Care New England Health System (CNE) agreed to pay a $400,000 fine and complete an OCR-prescribed corrective action plan that will last for six years. As in recent OCR penalties, the chain was sanctioned because of the business associate provisions of HIPAA. http://www.healthdatamanagement.com/news/ocr-hits-care-new-england-health-with-400-000-hipaa-fine

Last October, Ford dealer O.C. Welch and his service manager noticed that gross profits weren't as high as they should have been based on the number of repair orders. They scrutinized the books at O.C. Welch Ford-Lincoln in Hardeeville, S.C., and found payments to nonexistent vendors. The trail led to Assistant Comptroller DeAnne Ogden. http://www.autonews.com/article/20160926/RETAIL/309269961/a-dealers-nightmare%3A-%3Cbr-%2F%3E$2-million-embezzled

(Tampa Bay, FL) September 19, 2016 – A new report reveals that nearly half of U.S. consumers have experienced card fraud,(1) while another survey found that 56% of fraud victims changed their card use or shopping behavior after a fraudulent charge.(2) eConsumerServices (econsumerservices.com/), a dispute mediation firm, maintains that card issuers and merchants must be proactive to avoid losing business in cases of credit card fraud; so CEO Gary Cardone counsels banks and retailers on steps they can take to retain consumers’ trust.http://www.paymentsjournal.com/PressRelease.aspx?id=32768

The city contends the water department worker was disgruntled after being passed over for a promotion and decided to retaliate—by deleting the evidence the city uses to defend itself in TORT claims- those are grievances claiming negligence when city property damages private property.http://www.kjrh.com/news/city-claims-fired-water-department-employee-deleted-evidence-used-to-defend-tort-claims

Hackers are increasingly targeting healthcare institutions with malware because of their poor cyber-security posture, reliance on legacy IT systems, third-party services and the need to access information as soon as possible in order to deliver great patient care.  These are the conclusions released in a new report entitled McAfee Labs Threats Report: September 2016.http://www.itproportal.com/news/hospitals-paid-almost-100000-to-a-ransomware-attacker/

The Southwest Utah Public Health Department has agreed to repay some $73,000 in Medicaid allocations after investigators found one of its employees had been providing patient services through a separate private company.http://www.thespectrum.com/story/news/2016/09/10/health-department-employee-gone-after-apparent-medicaid-scheme/90205684/

Credit Suisse Group AG is accusing a group of five investment bankers who left for Jefferies Group LLC in May of stealing confidential information and trying to coax former colleagues to join them. http://www.businessinsider.com/r-credit-suisse-banker-dispute-shows-challenge-of-ceos-new-strategy-2016-8

America is under cyberattack; this is the harsh reality. Over the past few years, we’ve seen numerous high-profile hacks on government systems that have directly impacted government organizations, citizens, and in some cases even the presidential candidates themselves.

http://thehill.com/blogs/congress-blog/technology/294475-cybersecurity-the-key-issue-that-trump-and-clinton-still-need

A former administrative worker at a Florida-based pediatric practice has been indicted in federal court along with two others for alleged identity theft and fraud crimes involving stolen patient information. But no HIPAA-related criminal charges were filed in the case. http://www.databreachtoday.com/fraud-case-centers-on-alleged-stolen-pediatric-clinic-data-a-9383

  • HAVE A QUESTION?

    Fill out this form and let us know.

  • CONTACT US

  • Tel: 208-424-2249
    Fax: 208-944-3146

    9AM - 5PM Monday-Friday

    1112 W. Main St. Ste. 105
    Boise, ID 83702

  • © 2017 STRATEGIC RISK ALTERNATIVES | financial security + risk management + middle market companies | site design by V-Squared Creative