Be Prepared: Potential Cyber Attacks to Watch Out For

From ransomware to social engineering, cyber threats are complex and expensive, and the potential impact of these threats extends beyond just a business's network. Did you know data breach laws extend to paper records in addition to the electronic data businesses might store? Consider the following statistics from the Verizon 2021 Data Breach Investigations Report

• The median loss for a ransomware attack is over $175,000.
• Many businesses do not have the tools or procedures in place to detect identity fraud, including an incident response plan. It can take several days before a business is notified of an attack, giving bad actors plenty of time to do extensive damage.
• Mistakes happen. Around 80% of reported breaches involved human error.

Common Cyber Security Claims Scenarios to Be Prepared For

Let’s take a look at a few examples of cyber security claims scenarios that help illustrate the value of cyber risk insurance from Great American.

Ransomware

A school district discovered that it was the victim of a ransomware attack when its servers became unresponsive.

In addition to encrypting the network, the Threat Actors also exfiltrated student data and demanded a ransom to prevent publication of student records on a dark web “shaming site.” Further investigation revealed that backups had been corrupted. Great American engaged forensics experts on behalf of the insured and contact was initiated with the Threat Actors. The decryption key was ultimately obtained through payment of a $200,000 ransom.

Lost Laptop

A thief stole an employee’s backpack containing her employer-issued laptop out of her locked car.

The laptop was password protected but not encrypted. As a result, the policyholder was required to give notice to clients and regulators in three states. All the insured had to do was call our hotline; our pre-contracted legal professionals handled the rest.

Social Engineering

Fraudsters gained access to a policyholder’s email environment because of a business email compromise.

The bad actors forwarded fraudulent payment instructions to one of the insured's clients, resulting in misdirection of a payment owed the insured to a bank account controlled by the fraudsters. In addition, there was access to PII of customers and clients that required notification to both individuals and regulators. Our claims professionals are experienced enough to know that sometimes there is more going on within the insured's network than meets the eye. This was more than just an email problem.

PCI Breach

An e-commerce retailer was the victim of a form jacking attack that allowed cyber-criminals to skim over 500 credit card numbers from the site.

As a result, the retailer was required to give notice to individuals and state regulators. In addition, there were inquiries from several credit card brands. Great American's vendor panel includes numerous Qualified Security Assessors who are standing by ready to help our policyholders manage their exposure to Payment Card Industry Data Security Standards (PCI DSS).

Contingent Business Interruption

Bad actors launched a ransomware attack against one of the policyholder's cloud service providers, resulting in a substantial service disruption.

The insured was forced to suspend operations for several days, creating a loss of business income. In addition, protected information was accessed, requiring notification by the insured to both clients and regulators. Even when it's not the insured's own systems that are down, Great American's policyholders can rely on our expert claims handling.

Help Secure Your Business with Cyber Insurance

Our experienced team of cyber risk professionals understands the complex digital threat landscape businesses operate in. Learn more about our easy-to-understand cyber risk products designed to meet the differing needs of different small and mid-sized clients.

We’re Here to Help - Contact Our Loss Control Consultants Today

Great American’s team of Loss Control experts builds on years of experience to help businesses prepare for and stay protected from different types of loss. Interested in learning more? Talk to our team of experts.

For additional Loss Control Guidance, visit the Plan & Protect safety hub.