PHONE 800-258-3190
Email info@associatedbrc.com
www.associatedbrc.com
Associated Benefits and Risk Consulting - Cyber Liability

The question is not if your company will experience a cyberattack, but when.

As the number of cyberattacks increase across all industry segments, so does the importance of cybersecurity for all businesses — regardless of size or reliance on technology. A breach can result from a variety of factors, including attacks on networks, employee negligence, malware-infected emails or social engineering scams. You can be left paying thousands of dollars.

Cyber Liability coverage protection can extend beyond standard liability coverage from cyber-related lawsuits. There are a variety of coverage options available for organizations of all types and sizes. These solutions can include reimbursements for loss of income, notification costs, cyber extortion/ransomware, network security, third-party interruptions, regulatory defense costs and more.

To help ensure you have the right coverage we offer the following:

  • Proprietary risk and exposure analysis
  • Benchmarking analytics
  • Contract review
  • On-staff law degreed compliance specialist
  • Claims advocacy
  • Placement and program analysis
Associated Benefits and Risk Consulting – Cyber Risk Survey

CYBER RISK SCORECARD

Identify where you may have gaps.

Cybercrime is constantly evolving and cybersecurity is hard-pressed to keep up. You’ve taken steps to protect your business against cyber threats, but your best efforts may not be enough. Take the Cyber Risk Scorecard survey to see where your business excels and where you face exposure.


 
Associated Benefits and Risk Consulting – Cyber Threat Intelligence Highlights

THREAT INTELLIGENCE HIGHLIGHTS

September 2020 Threat Intelligence Highlights

Tuesday, September 22, 2020 - Jake Omann, CIC, CPCU

September 2020 Threat Intelligence Highlights

Tuesday, September 22, 2020 - Jake Omann, CIC, CPCU

Email service provider Sendgrid is under siege from hacked accounts

Many companies use Sendgrid to communicate with their customers via email, or else pay marketing firms to do that on their behalf using Sendgrid’s systems.

  • Sendgrid is grappling with an unusually large number of customer accounts whose passwords have been cracked, sold to spammers, and abused for sending phishing and email malware attacks.
  • Sendgrid’s parent company, Twilio, says it is working on a plan to require multi-factor authentication (MFA) for all of its customers, but that solution may not come fast enough for organizations dealing with the fallout.
  • The company takes steps to validate that new customers are legitimate businesses, and that emails sent through its platform carry the proper digital signatures that other companies can use to validate that the messages have been authorized by its customers. Unfortunately, when a Sendgrid customer account gets hacked and used to send malware or phishing scams, recipients email from Sendgrid’s systems to bypass their spam-filtering systems.

Source: KrebsOnSecurity.com

Cyberattack shuts down operations of eyewear and eyecare giant Luxottica

The world's largest eyewear and eyecare company, Luxottica, has reportedly suffered a cyberattack that has led to the shutdown of operations in Italy and China.

  • In September, consumers began to report that the websites for popular eyewear providers, Ray-Ban, Sunglass Hut, LensCrafters, EyeMed, and Pearle Vision were not working, and expressed concerns the sites may have been breached.
  • Italian media reported that the IT systems for the Luxottica offices in Agordo and Sedico, Italy, were suffering "computer system failure." Employees could not access work systems and were told go home via text. Union sources later confirmed to Italian media outlet, Ansa, that the employees were sent home due to "serious IT problems."
  • Cybersecurity firm, Bad Packets, revealed that Luxottica had been using a Citrix device with a the known vulnerability, CVE-2019-19781, popular among ransomware threat actors. When exploited, the vulnerability provides access to a network and credentials that can be used to spread further through the network.

Source: BleepingComputer.com

Hackers exploit Google's App Engine domains to deliver phishing and malware

A newly discovered technique shows how domains on the Google App Engine, a cloud-based service platform for developing and hosting web apps, can be abused to deliver phishing and malware while remaining undetected by leading enterprise security products.

  • While reports of phishing campaigns leveraging enterprise cloud domains are nothing new, what makes Google App Engine infrastructure risky is how the subdomains get generated and paths are routed.
  • Scammers typically use cloud services to create a malicious app that gets assigned a subdomain, then use the subdomain to host phishing pages or use the app as a command-and-control (C2) server to deliver a malware payload.
  • A single malicious app represented by multiple permutations of its subdomains makes it hard for sysadmins and security professionals to block malicious activity.

Source: BleepingComputer.com

Justice Department indicts Chinese antivirus firm for data thefts

The U.S. Department of Justice (DOJ) indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies.

  • The U.S. government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. One of the alleged hackers was first profiled in 2012 as the owner of a Chinese antivirus firm.
  • Charging documents say the seven men are part of a hacking group known variously as “APT41,” “Barium,” “Winnti,” “Wicked Panda,” and “Wicked Spider.”
  • Once inside a target organization, the hackers stole source code, software code signing certificates, customer account data and other information they could use or resell.
  • The U.S. government alleges the group monetized its illicit access by deploying ransomware and “cryptojacking” tools (using compromised systems to mine cryptocurrencies like Bitcoin).
  • In addition, the gang targeted video game companies and their customers in a bid to steal digital items, used to enhance the game-playing experience, that could be resold.

Source: KrebsOnSecurity.com

Hackers steal nearly $17 million in virtual currency in a series of phishing attacks

U.S. authorities announced criminal charges and financial sanctions against two Russian men accused of stealing nearly $17 million worth of virtual currencies in a series of phishing attacks throughout 2017 and 2018.

  • The Justice Department unsealed indictments against Russian nationals Danil Potekhin and Dmitirii Karasavidi, alleging the duo was responsible for a sophisticated phishing and money laundering campaign, using  spoofed websites for some of the most popular cryptocurrency exchanges to steal the equivalent of $16.8 million in cryptocurrencies and fiat money from victims.
  • Separately, the U.S. Treasury Department announced economic sanctions against Potekhin and Karasavidi, effectively freezing all property and interests (subject to U.S. jurisdiction) and making it a crime to transact with the named individuals.
  • According to the indictments, the two men set up fake websites that spoofed login pages for the currency exchanges Binance, Gemini and Poloniex. Armed with stolen login credentials, the men allegedly stole more than $10 million from 142 Binance victims, $5.24 million from 158 Poloniex users, and $1.17 million from 42 Gemini customers.
  • Prosecutors say the men then laundered the stolen funds through an array of intermediary cryptocurrency accounts — including compromised and fake accounts — on the targeted cryptocurrency exchange platforms. In addition, the two are alleged to have artificially inflated the value of their ill-gotten gains by engaging in cryptocurrency price manipulation using some of the stolen funds.

Source: KrebsOnSecurity.com

As the number of cyberattacks increase across all industry segments, so does the importance of cybersecurity for all businesses — regardless of size or reliance on technology. A breach can result from a variety of factors, including attacks on networks, employee negligence, malware-infected emails or social engineering scams. You can be left paying thousands of dollars. For more information, please contact us.
Comments (0) Number of views (138)

Jake Omann, CIC, CPCU

Jake Omann, CIC, CPCU

Jake has been in the insurance industry since 2004. He started his career in consulting at a global financial services corporation before beginning his brokerage career where he has managed management liability programs at global insurance brokerages for a diverse set of organizations ranging from start-ups to Fortune 500 companies.

Full biography

Full biography

Jake has been in the insurance industry since 2004. He started his career in consulting at a global financial services corporation before beginning his brokerage career where he has managed management liability programs at global insurance brokerages for a diverse set of organizations ranging from start-ups to Fortune 500 companies. Jake has served on several non-profit boards throughout his career and is a frequent speaker on D&O and cyber liability risks. Jake joined Associated Benefits and Risk Consulting (ABRC) in 2014 and his primary responsibilities include leading the firm’s management liability group and serving as global team lead.

x

November 2020 Threat Intelligence highlights

With the holiday season upon us, cyber threats to businesses and individuals increase. Attackers take advantage of the elevated amount...

FBI warns healthcare firms of targeted ransomware attacks

In a recent Client Advisory, USI’s Executive and Professional Risk Solutions (EPS) team discusses a recent Joint...