Cyber crime, essentially any crime that involves a computer or a network, is the fastest growing area of criminal activity in the world – and everyone online is a target. Doesn’t matter if you’re doing 100% of your business online such as Amazon, or you’re just using your email address, everyone is at risk.
In today’s world, the reality is that all individuals and organizations connected to the internet are susceptible to some form of cyber crime. The number, the type, and the sophistication of attacks continues to rise, and no individual or organization is immune.
A vast amount of information is now stored on computer servers and databases, and it’s growing every day. Because that information has great value, hackers are constantly looking for ways to steal or destroy it.
Cyber crime can be defined as any crime where:
- A computer is the target of the crime
- A computer is used to commit a crime
Types of computer intrusions
Computer intrusions can come from an internal source, such as a disgruntled employee with intimate knowledge of the computer systems, or an external source, such as a hacker looking to steal or destroy a company’s intangible assets.
Hackers use a variety of ways to steal or destroy your data:
A virus is a small piece of software that attaches itself to a program that’s currently on your computer. From there, it can attach itself to other programs and can manipulate data.
Viruses can quickly spread from computer to computer, wreaking havoc the entire way. For example, your email could be compromised by a virus, spread to your entire network, and leave you to clean up the mess (translated as ‘pay for all the damages’) to all other networks infected by the virus emanating from your email
In the late 1990s, email viruses became a popular method for hackers to infect computers. These viruses were triggered when a person downloaded an infected document. When the document was opened, the virus would send that document to the first few recipients in the person’s email address book.
Some email viruses were so powerful that many companies were forced to shut down their email servers until the virus was removed.
A worm is a computer program that can copy itself from machine to machine, using a machine’s processing time and a network’s bandwidth to completely bog down a system.
Worms often exploit a security hole in some software or operating system, spreading very quickly and doing a lot of damage to a business.
Common in email attachments, Trojans hide in otherwise harmless programs on a computer and, much like the Greek story, release themselves when you’re not expecting it.
Trojans differ from viruses in that they must be introduced to the system by a user. A user can knowingly or unknowingly run an .exe file that will let a Trojan into the system.
Spyware can be installed on a computer without the user ever knowing it, usually from downloading a file from an untrusted source. Spyware can be used by hackers to track browsing habits or, the more common and detrimental use, to collect personal information such as names, dates of birth, social security numbers, or credit card numbers.
Logic bombs are pieces of code that are set to trigger upon a certain event occurring. For example, a logic bomb could be set to delete all the contents on a computer’s hard drive on a specific date.
There are many examples of disgruntled employees creating logic bombs within their employer’s computer system, set to trigger a certain number of days after the employee quits or is fired.
Needless to say, logic bombs can cause serious damage to a company’s digital assets.
Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks
DoS and DDoS attacks are used to send an overwhelming amount of data to a target server, rendering that server useless.
A hacker does this by gaining control of several computers and then sending a large amount of data to a target server that can’t possibly handle it. The result could be thousands or millions of dollars in lost sales for an online retailer, or a complete loss of productivity for many businesses.
A computer intrusion could put your valuable digital assets at risk. That’s why your company should have the following measures in place to limit computer intrusions and protect your assets:
Firewalls are pieces of software that control the incoming and outgoing network traffic on a computer system and decide whether it should be allowed through.
Most computer operating systems now come with a preinstalled firewall for security. While they’re not the be-all, end-all of preventing intrusions, they’re a reliable start.
Routers are pieces of hardware that keep unwanted traffic out of a computer system. They differ from firewalls in that they are stand-alone devices that must be bought separately – they’re not included in an operating system.
As their name implies, anti-virus programs are designed to catch and eliminate or quarantine viruses before they can harm a computer system.
Anti-virus programs run in the background to ensure your computer is protected at all times. While they’re updated frequently, they may not catch the newest viruses that are floating around.
Every company, no matter its size, should have policies in place to educate employees on the dangers of computer intrusions and ways to prevent them.
Make sure your employees know not to open, click on or download anything inside emails from untrusted sources.
And employees with an intimate knowledge of the company’s computer network should also be alerted of the potential consequences of hacking into the system.
Curious about what you can do to prevent Cyber Crime?
Protecting your intangible assets in the event of an intrusion
While it’s important to have measures in place to limit intrusions, it’s also important to have protection in the event that an intrusion occurs.
As cyber crime continues to grow, and technology becomes increasingly important for successful business operations, the value of a strong Cyber Liability Insurance policy will only continue to grow.
Cyber Liability Insurance is specifically designed to address the risks that come with using modern technology; risks that other types of policies such as Commercial General Liability Coverage or a Businessowners Policy (BOP) simply won’t.
And as the number of claims continues to grow, so does the media coverage. When our personal information that we trust the businesses we work with to keep safe is compromised, it’s a major problem. It’s a problem for us personally, and it’s a problem for the business that was breached.
Given the fact that this new type of crime, and the risk of loss impacts nearly every business in operation today, Cyber & Data Breach Liability Insurance is becoming a requirement, instead of a ‘nice-to-have.’
When businesses perform work for others, whether B2B or B2C, the business performing the service or providing a product is often required to enter into a contract. For years, many of those contracts included language for minimum insurance coverage the business was required to carry. Coverages such as General Liability, Commercial Auto and Employers Liability.
The newest addition we’re starting to see on a frequent basis is Cyber & Data Breach Liability.
And why not…
For many businesses in operation today, their risk of a cyber attack or data breach is far greater compared to their chances of experiencing a claim that would be covered by any of the other insurance policies they’re required to have.
If you’d like additional information and resources, we’re here to help you analyze your needs and make the right coverage decisions to protect your operations from unnecessary risk. You can download a free copy of our eBook, or if you’re ready make Cyber Liability Insurance a part of your insurance portfolio, Request a Proposal and we’ll get to work for you.