Cyber Crime Insurance
Cyber-crime is the fastest growing form of crime in the world. In the UK the annual estimated cost is 37 billion pounds. It is lucrative and attractive to criminals due to the high gains from stolen funds or the value of stolen data and the seemingly low risk of capture from authorities.
In an increasingly digital world criminals are constantly looking to hack into your devices and networks and exploit your business for financial gain. The risk is increasing in a post Covid-19 world where more remote working on unsecured home networks is taking place and shows no signs of stopping.
Cyber insurance is a specialist type of insurance policy that is designed to meet the needs of those who have exposure to loss arising from the use of technology with their business.
Covers that can be provided are:
- Property damage to hardware including breakdown as a result of a cyber attack
- Reconstitution of data costs as a result of loss or data corruption
- Business interruption replacing lost income following a reduction in turnover caused by an insured event.
- Extortion meeting the costs of mitigation of and extortion costs
- Regulatory defence costs and associated penalties
- Privacy Breach – costs and damages associated with the unintentional breach of privacy or confidential information.
- Virus the costs and claims associated with the unintentional transmission of a virus, worm or trojan
- Unintentional breach of copyright
- Defamation – defence costs and awards
- Crisis and risk management including specialist public relations and security services to manage risks and mitigate losses
The above list is not exhaustive; this is an area that is constantly evolving as is the cover that can be offered.
A medium sized UK company with multiple sites had its email systems compromised by criminals. This was not detected and the criminals did not immediately act, instead they spent several months watching and observing the emails in the company. By doing this they learnt who was who in the company and who could make which decisions and authorise transfer of money. They also learnt a great deal about how emails were written between these people in order that they could imitate the style of the victims without raising suspicion.
When ready the criminals cloned the emails of the manager of the financial investments section who often requested large sums of money to be transferred, they blocked this manager from being able to see emails to and from the managing director and the financial director. The criminals then sent an email to the managing director requesting a sum of £16,000 be transferred to a bank account; this was received by the managing director who forwarded the request to the financial director who sent the moneys to the criminal’s nominated bank account.
By chance a week later the manager who’s emails were compromised was speaking on the phone to the managing director when the criminals tried to the same con again, this time the criminals requested £32,000. At this point the request was queried as it had come through while the two parties were speaking and it became apparent that the company was suffering a cyber-attack and there was a breach in the network.
This company did not have any cyber insurance in place, the £16,000 was never recovered, it was traced by the police to the account it was sent too but it had been moved abroad and could not be traced further. The company then had further costs to fix holes in the network and upgrade the systems to make sure this didn’t happen again.
How can we help?
Here at Aynsley we are not just looking to sell you a policy, we will help you become cyber secure and refer you to specialist risk managers who will assist your company in best practices in cyber security.
This Specialist class of insurance is available from a more limited and specialist range of insurers than other business insurance products, if you would like more information regarding cyber insurance please call Tom Lea on 01782 265 522.