When it comes to cyber risk, the first thought that comes to mind is ransomware: cyber criminals hacking into a computer system, then freezing and encrypting the user’s data; a ransom demand then follows. These scams vary in scale, but as technology advances, so too does the ransomware, and ultimately, the cost.
GPS and smart-watch manufacturer Garmin has felt the impact of this new wave of large-scale ransomware attack, after hackers reportedly accessed its services – including its aviation arm – bringing the company to a halt. The hackers demanded a $10 million ransom and, until that sum was paid, all Garmin services remained down.
Targeting well-known and established companies isn’t unheard of, and even government bodies have been faced with risk. The COVID pandemic saw an influx of scams related to the NHS and council systems. Texts appearing to be from the UK government regarding check and trace systems, and messages offering refund requests from councils, were sent to mobile devices throughout the country – all of which included links to malware.
These types of cyber-attacks are visible and loud, but what about the silent cyber risks that are emerging? From companies being discredited due to manipulated autocomplete functionalities in search engines, to the high-risk attacks subjected to residents in developing countries when financial transactions are conducted over unsecured mobile phone lines. These new models of cybercrime could even be the precedent for hackers disrupting or destroying voter-registration databases – a prospect which is a grave concern for governments.
As highlighted in my previous blog, the widespread availability of connected technologies heightens the emergence of cyber risks, and if not effectively secured, connected devices can be accessed and controlled by hackers. Potential scenarios could include hackers manipulating voice-controlled devices to make purchases using hidden voice commands, or taking control of digital home or office assistants to override security systems.
From a security point of view, these risks could snowball. There are already growing fears about baby monitors and online CCTV systems being hacked and content viewed by persons other than the intended person, but what about connected vehicles and even military drones? Could these be subsequently hijacked if they are not correctly secured?
The increasing sophistication of these new cyber risks can make it challenging for insurers to understand their exposure to emerging cyber risks. For information on how we can better assist you with an independent, comprehensive cyber audit, contact our dedicated team: http://www.pro-global.com/uk/what-we-do/cyber.