This article is by Simon West, Director of Customer Engagement at Resilience Cybersecurity, and it looks at recent attacks and the impact they can have on businesses.
Today, cyberattacks are becoming increasingly commonplace. In the first quarter of 2024 alone, the average number of cyberattacks per organisation per week increased by 28% compared to the last quarter of 2023.
As digital transformation sweeps across every sector, organisations need to comprehensively rethink how they mitigate and defend against such
attacks. By combining cybersecurity with cyber insurance, businesses can ensure they can cope with attacks by bad actors, while maintaining the confidence and trust of their customers.
New face of cybercrime
In September 2023, the hacker group known as Scattered Spider thrust itself into the spotlight after it was accredited with conducting a cyberattack on MGM Resorts’ systems. The consequences of this attack forced the conglomerate to keep its systems offline for days, dealing major operational damage to MGM’s 30 resorts and casinos. According to internal research conducted by Resilience, over the past six weeks Scattered Spider has targeted 29 banks and large-scale insurance companies, including Visa and New York Life Insurance Co.
How successful these attacks were is not known, but research indicates that at least two insurance companies were successfully breached by the ransomware group. We further observed that cyber attackers are acquiring domain names closely resembling those of specific target companies. These domains host counterfeit login screens designed to redirect unsuspecting employees through phishing efforts. For those who land on these deceptive sites, there is typically a “need help signing in?” link which misdirects them to another domain, tricking users into giving up sensitive data or information. Such phishing has been used frequently by Scattered Spider in its attacks.
These tactics help illustrate the rising complexity of cybercrime. By targeting high-value institutions with personalised phishing schemes and domain spoofing, bad actors are demonstrating an intricate understanding of both technological vulnerabilities and human behaviour. Cyber criminals are not merely relying on brute force or generic malware but are instead crafting highly tailored attacks that exploit specific weaknesses within an organisation’s defences.
As these threats continue to evolve, organisations need to adapt by not only implementing advanced technological defences but also enhancing their cybersecurity and incident response strategies. With attacks such as those from Scattered Spider becoming more common, businesses should remain vigilant and adaptable to maintain operational value.
Integrating cybersecurity and insurance
The changing nature of cyber risk demands a new, more holistic way of thinking about cybersecurity. Total loss elimination is impossible in a period where cyber criminals have increasingly complex ways of breaching networks and stealing data, and businesses need to recognise this. The goal here is to redefine what it means to be ‘cyber resilient’ via a holistic approach to mitigation, incorporating cybersecurity with cyber insurance.
Cyber risk management providers, such as Resilience, offer more than just financial coverage; they facilitate access to a network of cybersecurity experts, legal advisers, and management teams. For example, one of Resilience’s key offerings is cyber risk quantification. Security advisors and CISOs need to speak the language of the board and demonstrate that cyber risk is a business risk and provide their teams with the financial value of the cyber risk faced. This enables firms to determine the degree to which they can endure an attack and continue operating and then allocate the appropriate capital. This helps organisations understand the level of cyber risk mitigation, such as security controls and cyber insurance, suitable for their business, ensuring their cyber resilience strategy maximises their return on investment.
Another key feature of robust cyber resilience is cyber threat visibility. This is the notion of understanding cyber risks across the third-party supply chain and monitoring not just direct threats, but threats to third-party partners. This is particularly relevant in the Scattered Spider
case, as the fake domain sign-in page used breached Okta, the authentication and login service used by many of the compromised companies. Had this aspect of threat visibility been diligently employed, the scope of these attacks could have been minimised considerably.
The untapped shield missing from your business strategy
Incidents such as those perpetrated by Scattered Spider demonstrate the vital need for robust risk management and cybersecurity strategies. However, 60% of current CEOs don’t make cybersecurity and insurance part of their core business strategy. In order for businesses to
continue operating in a period of increasingly complex cybercrime, businesses should make cyber insurance a stronger priority.
Firstly, cyber insurance can provide financial protection against extortion and losses. The Scattered Spider attacks highlight the financial implications of successful breaches, and the damage they can cause to share prices or wider business success. Cyber insurance can mitigate these losses by covering ransom payments, system restoration costs, and compensations for business interruptions. This financial backstop is crucial for maintaining business operations and protecting shareholder value in the aftermath of a breach. The cost of cyberattacks is continuing to increase. In fact, 66% of organisations reported being targeted by ransomware last year, with the average ransom payout more than doubling from $812,380 in 2022 to $1,542,333 in 2023.
Rapid digitisation offers new access points for bad actors to deal operational damage and businesses need to be aware of this. Organisations that are insured convey a message of responsibility and preparedness to their customers and partners, and having strong cyber insurance helps differentiate businesses from their competitors, encouraging trust amongst customers. This is especially critical in sectors such as banking and healthcare where data sensitivity is high, and the consequences of successful attacks can often spread through the wider financial system.
Given the evolving nature of cyber threats, siloed cyber risk strategies are no longer sufficient. Organisations need to embrace both cyber insurance and proactive cybersecurity measures to create robust cyber risk management profiles, ensuring they are as resilient as they can be to cyber threats.
Be the first to comment