In this digital age, everyone is vulnerable to a cyber-attack from cyber criminals. You should be on the lookout for five most common cyber criminal types that can harm you or your business.
The Engineer is a cybercriminal that poses as someone within a company or maybe a friend in your email address book. This person reaches out to obtain sensitive, confidential, financial or otherwise protected information. For Example, your HR Manager sends an email asking for another copy of your W-4 to have on file.
The Engineer gains access to PII (Personally Identifiable Information) by encouraging victims to engage in risky behavior by appearing as a known and trusted acquaintance. PII usually includes names, addresses, dates of birth, social security numbers, account numbers, credit card numbers and other financial or personal information.
You should always check the email address of the person requesting the information. If possible, always attempt to reach out to the person directly to confirm their request and avoid leaving voicemails or responding to the email directly.
The Phisher often uses email that appears as a legitimate source and can contain a link or attachment that allows phishers access to sensitive financial information. For example, the Phisher poses as your mortgage company with an encrypted email that instructs you to log-on to their website. Once you click on the link or attachment, the phisher gains access to the network and any information they wish to access available on that network.
Installing Anti-Virus and Anti-Malware software can block the malicious attack for personal home networks or work. Businesses can train employees how to respond to an attack and ensure proper security protocols are in place to quarantine the affected computer. Separating the network and utilizing authentication protocols between important data and the network further secure the business.
The Hacker utilizes weak, default, or stolen passwords to access information. They leverage malware to capture keystrokes from an infected device and gain access to valuable data from you or your business.
Strong passwords are a great first defense against hackers especially when used alongside multi-factor authentication. The extra authentication is usually a text message or phone call with a separate security pin that must be provided for a successful sign-in. And, you should always keep your operating systems, applications, and software updated and patched to increase security.
THE DISGRUNTLED EMPLOYEE
Employees are insiders and a vindictive employee can present a threat to a business. They know how to access data and knowledge of what is stored and where. Both consumer personal data and confidential business information can be compromised by a current or former employees.
Protect your business by restricting access to sensitive data to only those employees that need access and monitor internal account usage to prevent attacks from within and external. Also, be sure to delete access to your computer system for terminated employees as soon as possible.
The extortionist uses code and ransomware to freeze access to the computer unless the user pays a fee. They use facades such as posing as the IRS or FBI and scaring users into paying through untraceable sources such as bitcoin.
Users need to utilize security rules, frequent backups, and encryption to protect their data. Seeking professional I.T. consulting is a safe bet for both home users and businesses.
Cybercriminals can steal an individual’s identity or a business sensitive data which leads directly to financial loss whether it is from costs to protect yourself from further harm or with legal fees to argue against incurred debt.
Preventing and resolving attacks cost individuals and businesses too. Whether it is from following local laws, regulations, language and concepts, industry practices, and exposures or litigation management
*Sometimes local laws and regulations require a cyber policy be issued by a locally licensed carrier.
SOURCE OF RISK
There are many sources of attack including hackers, Human Error, Employees, third-party vendors, and customers.
There are many items that are at-risk such as laptops, computer networks, wireless networks, PDA’s, cell-phones, paper files, websites, and the cloud.
Among the losses associated with a cyber crime, the following are the most common:
FIRST PARTY CLAIMS
- Hardware or software malfunction
- Data Corruption
- Denial of Service Attack DNS
- Copyright and trademark infringement
- Data privacy breach
- Internet media liability (Defamation)
- Unauthorized access, Unauthorized Use
- Statutory/ Regulatory Liability (Federal and State)
Apart from the normal security protocols and training, insurance exists to make you or your business whole when you are a victim of a cyber security attack. L.H. Brenner can offer many types of insurance to protect you including:
Security and Privacy Liability Insurance – This covers claims from third parties such as customers, vendors, etc.
Event Management Insurance – This covers security failure or privacy breach by paying costs of notifications, public relations, etc.
Network Business Interruption Insurance – This covers financial loss when the business cannot continue to run because of the attack.
Cyber Extortion Insurance – This covers when a cybercrime denies access to the business unless a fee is paid.
Cyber Media Insurance – This covers copyright infringement, trademark infringement, defamation and invasion of privacy.