**TL;DR/summary at bottom
Hollywood does a great job of glamorizing hackers and broad level cyberattacks, but when it happens to your business in the real world, there is nothing glamorous about it. (Also, there is significantly less hoodie-wearing than you might think.)
The battle against hackers has been relentless in recent years. While cyber security measures have become more advanced, so have the tactics attackers use to get around them.
For example, a comprehensive 2023 report by Coalition Inc. showed that, despite more sophisticated ransomware protection this year, ransomware has made a strong comeback from 2022. The report also named financial fraud and data breaches as the top drivers of cyber insurance claims. In essence, it’s like playing a game of Whack-a-Mole: as soon as protective measures appear to have contained many of the threats, attackers find a new way to exploit business vulnerabilities.
With 97% of U.S. businesses currently relying on technology, virtually all business owners are at risk of being a cybercrime victim. (Yes, even small businesses with under 100 employees.)
In this blog, we will:
- Describe the different types of cybercrimes that are prominent in 2023 (and what you should be looking out for, specific to your business).
- Cover Coalition’s cyber-attack report in detail (as well as other 2023 data points).
- Explain what cyber liability insurance is, what it covers, and why it’s really non-negotiable in today’s interconnected and technology-driven economy.
- Show you how to calculate the cost of a potential data breach in your business.
Ransomware on Businesses in 2023
E-commerce ransomware is exactly what it sounds like: malicious software used by cybercriminals to infiltrate your e-com storefront or website, encrypt its data, and demand money in exchange for the decryption key. Just like a kidnapping ransom, assailants seize something important to you and will only release it once a ransom has been paid.
What forms of ransomware should I look out for?
The primary ways ransomware gets into your company’s systems are phishing emails, malicious websites, and exploit kits that target unpatched software. Once inside, the malicious software encrypts your data, making it inaccessible and unreadable without the attacker’s key.
Proficient attackers are good at sneaking ransomware onto your systems. The malicious code usually arrives embedded in seemingly innocuous documents or email attachments, which is why your company needs to stay alert to suspicious activity.
Here are the types of ransomware your company may be vulnerable to:
- File-encrypting ransomware: This type of ransomware encrypts the files on your computer system, making them inaccessible until a ransom is paid. Examples of file-encrypting ransomware include WannaCry and Locky.
- Scareware: This type of ransomware uses scare tactics to trick users into paying a ransom. A scareware tactic might include using a fake warning message, claiming that your system has been compromised. Then they will demand payment to fix the issue. Examples of scareware include FakeAV and FakeBSOD.
- Mobile ransomware: Mobile ransomware infiltrates smartphones and tablets. Once installed on your device, mobile ransomware can encrypt files or lock the device until a ransom is paid. Examples of mobile ransomware include Koler and Simplelocker.
- Doxware: Doxware is when a cybercriminal steals sensitive information (like customer data or confidential business information) and threatens to release it unless you pay their ransom demand. Ransomware groups that combined encryption with this kind of data-leak extortion include Maze and Nefilim.
- Ransomware as a Service (RaaS): This category of ransomware is sold or leased on the dark web. RaaS enables individuals with minimal technical expertise to launch ransomware attacks. Notable RaaS offerings include Satan and Philadelphia.
Compared with other forms of cyberattack, ransomware is exceptionally disruptive and can have enduring repercussions. E-commerce ransomware attacks may result in data loss, harm to your business’s reputation, and financial setbacks, and they affect businesses of all sizes.
Business Ransomware Statistics in 2023
The report from Coalition pointed out a notable uptick in the frequency of ransomware claims during the first half of 2023, marking a 27% increase compared to the second half of 2022. In addition, the severity of these claims reached unprecedented levels, showing a 61% surge from the prior half-year period and a remarkable 117% rise over the course of the past year.
Moreover, cybercriminals heightened their ransom demands, with the average ransom now reaching $1.62 million — a 47% climb over the preceding six months and a substantial 74% increase over the past year.
How to Protect Your Business Against Ransomware
Ransomware attacks also find their way into your network through unexpected entry points like appliances and IoT devices. Neglecting to secure every internet-connected device, including seemingly harmless ones like printers or smart appliances, can leave an inconspicuous gateway into your network.
One of the most common methods of accessing your network is also the easiest: phishing emails carrying a malicious link or attachment. It is crucial that you and your employees remain alert to suspicious emails. Clicking on a malicious link inside a received email or opening a malicious web page can cause a lot of damage and financial strain.
In the continual battle against ransomware, the best protective actions for your business include:
- Training users to recognize attack attempts
- Remaining watchful for the ever-changing tactics employed by malware creators
- Applying updates and patches promptly to close the vulnerabilities exploit kits rely on
- Keeping regular, tested backups that are stored offline or otherwise out of reach of the attacker (covered in more detail below)
Funds Transfer Fraud on businesses in 2023
Funds transfer fraud (also referred to as wire transfer fraud) is a method in which hackers intercept funds from your business account, either before or during a money transfer to another business or person. FTF typically involves an attacker assuming the identity of a company executive, vendor, or bank and issuing counterfeit invoices or payment directives.
How does wire fraud work?
The fraudster typically gains access to your company’s sensitive information (usually through social engineering or by hacking into your business email accounts). The fraudster then either sends from the compromised account or creates a fake email address that closely resembles yours or that of another high-level person in your company (for example, a lookalike domain with one character swapped). From that account, the fraudster emails an employee in the finance or accounting department requesting an urgent funds transfer for a seemingly legitimate reason, such as a confidential business deal, a time-sensitive acquisition, or a supplier payment. For authenticity, the fraudster may use convincing language, insider information, and even the executive’s writing style.
Alternatively, a fraudster may pose as a vendor, supplier, or contractor your company uses and request payment, or a change of bank details, using forged documents or invoices. When this happens, the authentic vendor, supplier, or contractor will still demand payment, so your company loses the money twice: once to the impersonator and once to the real creditor.
Regardless of the circumstances surrounding the fraud, FTF can cost your company thousands of dollars.
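The impersonation mechanics above (lookalike domains, a borrowed executive name on an unrelated mailbox, replies redirected elsewhere) are exactly what a finance team’s mail filter can check before anyone acts on a payment request. The following is an added example written for this post, not code from Coalition or from any product mentioned here; the trusted domains, the executive directory, and the sample headers are all constructed for illustration.

```python
"""Flag payment-request emails whose sender imitates a trusted domain or executive.

Added illustration for the wire-fraud section. TRUSTED_DOMAINS, EXECUTIVES and the
sample headers at the bottom are constructed for this example, not real data.
"""
from email.utils import parseaddr

# Constructed: domains this fictional company and its vendors legitimately send from.
TRUSTED_DOMAINS = {"example-store.com", "acme-supplies.com"}

# Constructed: executives an attacker would impersonate, keyed by lower-cased display name.
EXECUTIVES = {"jane doe": "jane.doe@example-store.com"}

# Character swaps attackers use to register a domain that reads like the real one.
CONFUSABLES = [("0", "o"), ("1", "l"), ("3", "e"), ("5", "s"), ("rn", "m"), ("vv", "w")]


def normalize(domain: str) -> str:
    """Lower-case the domain and undo the common confusable substitutions."""
    d = domain.lower()
    for fake, real in CONFUSABLES:
        d = d.replace(fake, real)
    return d


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: number of single-character edits separating two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_of(domain: str):
    """Return the trusted domain this one imitates, or None if it is trusted or unrelated."""
    if domain in TRUSTED_DOMAINS:
        return None
    norm = normalize(domain)
    for trusted in TRUSTED_DOMAINS:
        # Exact match after undoing confusables, or within two typos of a trusted name.
        if norm == trusted or edit_distance(norm, trusted) <= 2:
            return trusted
    return None


def check_sender(from_header: str, reply_to_header: str = "") -> list:
    """Return the reasons a payment request from this sender must be verified out of band.

    An empty list means no impersonation signal was found; it does not prove the mail is safe.
    """
    reasons = []
    name, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower()

    imitated = lookalike_of(domain)
    if imitated:
        reasons.append(f"sender domain {domain} looks like trusted domain {imitated}")

    # An executive's display name on any address other than the one on file.
    exec_addr = EXECUTIVES.get(name.strip().lower())
    if exec_addr and addr.lower() != exec_addr:
        reasons.append(f"display name '{name}' belongs to {exec_addr}, not {addr}")

    # A Reply-To pointing somewhere else means the attacker wants the conversation off the real mailbox.
    if reply_to_header:
        _, reply_addr = parseaddr(reply_to_header)
        reply_domain = reply_addr.rpartition("@")[2].lower()
        if reply_domain and reply_domain != domain:
            reasons.append(f"replies are redirected to {reply_domain}")
    return reasons


if __name__ == "__main__":
    # Constructed sample headers: one legitimate, the rest typical FTF lures.
    samples = [
        ("Jane Doe <jane.doe@example-store.com>", ""),
        ("Jane Doe <jane.doe@examp1e-store.com>", ""),
        ("Acme Supplies Billing <ar@acme-suppliess.com>", ""),
        ("Jane Doe <ceo.janedoe@gmail.com>", ""),
        ("Jane Doe <jane.doe@example-store.com>", "Jane Doe <jane.doe@example-store.co>"),
    ]
    for from_hdr, reply_hdr in samples:
        flags = check_sender(from_hdr, reply_hdr)
        print(f"{from_hdr:50} -> {flags or 'no impersonation signal'}")
```

A clean result from `check_sender` is not a green light: a genuinely compromised executive mailbox passes every check here, which is why the out-of-band verification described in the next sections still applies to every change in payment instructions.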
Business FTF Statistics in 2023
In the first half of 2023, the frequency of FTF claims by businesses increased by 15%, continuing the steady rise in claim rates observed over the past two years. The initial severity of FTF attacks in 2023 also rose by 39%, resulting in an average financial loss of over $297,000 per business. That figure is still below the highest recorded average loss of $410,000 in the first half of 2021.
FTF remains a dependable way for criminals to siphon off large sums of money. This stability comes from the simplicity of the attack and the fact that it builds on well-established phishing techniques.
How to Protect Your Business Against Funds Transfer Fraud
As with ransomware, it is important that you stay proactive in securing your company’s information and double-checking the source of money transfer requests. Other measures to safeguard your company should include:
- Verifying all payments and purchase requests in person or over the phone, using a number you already have on file rather than one printed in the request
- Treating any change in wiring instructions as suspicious until confirmed through a channel other than email (if the sender’s mailbox is compromised, a confirmation email only reaches the attacker)
- Not clicking on anything in an unsolicited email or text that prompts you to verify an account
- Never opening an email attachment, clicking on a link, or downloading anything from an unknown source
- Securing devices and accounts with strong passwords and multi-factor authentication
- Being careful with information you share on social media to prevent a scammer from guessing your password or answering security questions. These scams are often executed on Facebook, using ostensibly harmless prompts like “Your rock band name is the street you grew up on + the name of your oldest son.” Do NOT reply in these threads.
- Educating employees on what to look for in a fraudulent email or text
The Productivity Suite You Use Could Make Your Business More Susceptible to Cyberattacks
You’ve likely noticed by now that the common thread between these types of cybercrime is email as the delivery channel. It follows that which cloud-based business office suite you use can influence the likelihood of falling victim to cybercrime.
In Coalition’s 2023 report, the claims data consistently shows a connection between the email platform a business uses and the probability of a cyber insurance claim.
Businesses using Google Workspace for their email exhibited a significantly lower claim rate than those relying on Microsoft Office 365 (M365) or on a Microsoft Exchange server on-premises (meaning the organization hosts the mail server on its own local infrastructure rather than in the cloud).
More specifically, M365 users are over twice as likely to encounter a claim compared to their Google Workspace counterparts, while on-premises Microsoft Exchange users face nearly three times the risk of claims when compared to businesses utilizing Google Workspace.
For ransomware claims, Google Workspace users experienced a 10% risk reduction compared to M365 users.
For FTF or BEC claims, Google Workspace users experience a 25% risk reduction when compared to M365 users.
Why is Google Workspace Less Prone to Cyberattacks?
The discrepancy in claims among Google and Microsoft users may be attributed to whether a business purchases Defender for Office 365, which is not included in Microsoft’s base E3 license. Defender and Google Workspace both include important, comparable email security features, such as impersonation protection and malicious URL protection.
(And no, we were not paid by Google or Microsoft to report these findings.)
How to Protect Your Online Business from Cyberattacks
Regardless of the size of your business or how valuable you deem your information to be, in today’s technology-driven economy, it’s important you adopt a robust cybersecurity strategy to preserve your company’s operations, customers, and data.
Earlier, we covered some ways you can safeguard your business, but here are some more:
- Shield Information, Computers, and Networks from Cyber Threats: Keep systems clean and current by ensuring that your software, web browsers, and operating systems are updated. Employing up-to-date security and antivirus software is your best defense against viruses, malware, and online threats.
- Implement Firewall Protection for Your Internet Connection: A firewall is a set of programs designed to block unauthorized access to a private network. Ensure that your operating system’s firewall is active or install free firewall software (available online). Also, extend firewall protection to remote employees working from home.
- Establish a Mobile Device Security Plan: Mobile devices pose unique security challenges, especially if they handle confidential data or connect to the corporate network. Enforce password protection, data encryption, and the installation of security applications to prevent data theft over public networks. Define protocols for reporting lost or stolen devices.
- Back Up Vital Business Data Regularly: Create routine backups of critical business data, including word processing documents, spreadsheets, databases, financial records, HR files, and accounts receivable/payable data. Automate data backups whenever possible, with storage options including offsite or cloud-based solutions.
- Secure Your Wi-Fi Networks: If your workplace uses Wi-Fi, ensure it is encrypted with WPA2 or WPA3 and protected by a strong passphrase. Hiding the network name (SSID) adds little on its own, since connecting devices still reveal it; the encryption and passphrase are what matter. Also change the router’s default administrator password and keep its firmware updated.
- Adopt Payment Card Best Practices: Collaborate with financial institutions to employ trusted tools and anti-fraud services. Isolate payment systems from less secure applications. Refrain from using the same computer for processing payments and internet browsing.
- Limit Employee Data Access and Software Installation: Restrict access to data systems, ensuring employees can only access the systems relevant to their roles. Prevent unauthorized software installations without prior approval. As much as your employees may complain, it’s a good idea to not allow them to use non-business sites like Facebook, TikTok, Reddit, etc.
- Strengthen Passwords and Authentication: Enforce unique, long passwords for every account and require a change whenever a credential may have been exposed (forced changes on a fixed schedule tend to produce predictable variations rather than stronger passwords). Implement multi-factor authentication wherever it is available to bolster security further. Consult your vendors, especially financial institutions, regarding the availability of multi-factor authentication for your accounts.
It may sound like a lot of work to implement these measures, but ensuring the safety of your business and your clients’ sensitive information is far less of a headache than dealing with cybercrime.
However, it’s important to keep in mind that – regardless of how safe you are being – there is still a chance that a hacker or cyber-criminal could infiltrate your servers. Which means…
Cyber Liability Insurance Is Imperative for Small Businesses
Cyber insurance is a specialized insurance policy designed to protect businesses from the financial repercussions of cybersecurity breaches and data leaks.
What does cyber insurance cover?
- Data Breach Response: In the event of a data breach, cyber liability insurance helps cover the costs associated with investigating the breach, notifying affected parties, and providing credit monitoring services to affected individuals.
- Legal Expenses: Cyber insurance can cover the legal costs incurred when defending against lawsuits related to the breach. This includes costs associated with regulatory investigations, lawyers, penalties, settlements or judgments.
- Business Interruption: If a cyber incident disrupts your business operations, leading to financial losses, cyber insurance can offer coverage for the income you would have earned during the lull in business. (However, it’s important you check with your insurance agent to make sure this aspect is covered.)
- Cyber Extortion: In cases of ransomware, cyber insurance will usually cover the ransom payment and related negotiation costs, subject to the policy’s terms and limits; confirm the specifics with your agent.
- Third-Party Liability: This aspect of cyber insurance extends protection to your business in cases where a cyber incident affects third parties, such as clients or partners. It covers the costs of defending against third-party claims and any resulting settlements or judgments. Cyber insurance can also offer credit score monitoring for customers that were affected in the data breach.
Data Breach Insurance vs. Cyber Insurance
It’s common to hear the terms “data breach insurance” and “cyber insurance” used interchangeably. However, there is a distinction between the two, which you need to know if you want to determine which policy is best for your company.
Data Breach Insurance primarily focuses on mitigating the financial impact of data breaches. It covers expenses related to breach notification, credit monitoring, and legal defense. While data breach insurance addresses the aftermath of a breach, it may not provide the comprehensive coverage needed to protect against a broad spectrum of cyber threats. In general, this type of policy is sufficient for smaller businesses.
Cyber Insurance on the other hand, offers a more extensive scope of coverage. In addition to data breach-related expenses, it encompasses various cyber risks, including business interruption, cyber extortion, and third-party liability. It provides a broader safety net, safeguarding your business against an array of cyber threats beyond data breaches.
Whichever cyber coverage you feel is right for your business, we urge you to pick one over none.
Oftentimes, we hear business owners complain about adding more insurance policies to their business, which is fair. There is only so much capital available to invest in insurance, so we aren’t oblivious to the struggle.
But as with anything in life, financial burdens are subjective. That’s why this data breach calculator by eRisk Hub is a tool worth trying out.
This calculator enables you to simulate various cyber breach scenarios to estimate the potential financial impact each one would have on your company. It provides a breakdown of expenses, encompassing:
- incident investigation
- customer notification
- crisis management
- regulatory fines and penalties
- PCI compliance
- class-action lawsuits
*The costs associated with a data breach can fluctuate significantly depending on the nature of the compromised information, including PII, PCI, or PHI.
In today’s interconnected and data-driven landscape, threats of ransomware, FTF or BEC attacks, and other cyber coercions loom larger than ever for U.S. businesses. The consequences of a cyberattack cannot be minimized; breaches extend far beyond financial losses. They can tarnish your reputation, erode customer trust, and jeopardize the very core of your operations.
The good news is that proactive steps can be taken to bolster your defenses against hackers and cybercriminals. In this blog, we’ve discussed a range of measures you can take – from robust cybersecurity practices to employee training to secure data handling – as a means of safeguarding your company, your employees, and your customers. Implementing these strategies can significantly reduce your susceptibility to cyber threats and enhance your company’s resilience.
But even with these defenses in place, the reality is that no system is entirely impervious to attacks. This is why cyber insurance has to be included in your overall cyber security strategy. From investigation and notification expenses to legal fees and potential fines, cyber insurance/data breach insurance provides a critical layer of protection that can mean the difference between recovery and financial devastation.
Want to discuss cyber insurance opportunities for your business with a trusted insurance broker? Fill out this 10-minute application and an agent with Ashlin Hadden Insurance will walk you through your options.
- In 2023, ransomware attacks have made a strong comeback, with increased severity and ransom demands, affecting businesses of all sizes significantly.
- To protect against ransomware, businesses should train employees not to respond to phishing emails and to recognize attack attempts, secure every internet-connected device, and keep systems patched.
- Funds transfer fraud (FTF) involves hackers intercepting funds during transfers, often impersonating executives or vendors. The Coalition Inc. observed a 15% increase in claims in 2023.
- Safeguarding against FTF involves verifying payment requests, confirming wiring instructions, and not clicking on unsolicited emails or links.
- The choice of productivity suite can affect your susceptibility to cyberattacks: in Coalition’s claims data, Google Workspace users had fewer claims than both Microsoft Office 365 (M365) users and businesses running Microsoft Exchange on-premises.
- Implementing cybersecurity measures such as regular updates, firewall protection, mobile device security, data backups, and secure Wi-Fi networks is critical to the success of your business.
- Despite all these proactive measures, falling victim to a cyber attack is still plausible, which is why it’s a smart business decision to invest in cyber liability insurance.
- Cyber insurance covers data breach responses, legal expenses, business interruption, cyber extortion, and third-party liability claims.
- Data breach insurance primarily focuses on mitigating the financial impact of data breaches, while cyber insurance provides broader coverage against various cyber risks. Generally speaking, data breach insurance is good enough for smaller businesses.
- Using a data breach calculator can help estimate potential financial impacts of cyber breaches, considering factors like PII, PCI, or PHI. You can find one here.
- Protecting your business against cyber threats is imperative in today’s technology-driven economy, regardless of its size or industry.
- Ashlin Hadden Insurance is an insurance brokerage firm that specializes in e-commerce businesses and can answer any questions you have regarding cyber insurance, as well as find you the right policy for your business. To get an insurance quote, click here.