
Insurance companies have an enormous target on their proverbial backs as cyber attackers increase their focus on an industry ripe with personal, medical, corporate, and other confidential data that can be monetized after a data breach.
In 2023 alone, several insurance companies have been targeted, including Sun Life in June via an attack on its vendor Pension Benefits Information LLC; Prudential Insurance in May, in which more than 320,000 customer accounts were impacted; New York Life Insurance Company, which had 25,700 accounts affected during the same period as the Prudential attack; and Genworth Financial, which had up to 2.7 million individuals affected. All of these insurance companies were victims of the MOVEit file transfer cyberattack.
Aside from MOVEit, other widespread ransomware attacks also targeted the insurance industry. Point32Health, the parent company of Harvard Pilgrim Health Care and Tufts Health Plan, was hit by a ransomware attack in April, while NationsBenefits reported that it was a victim of the Cl0p ransomware gang. The biggest US attack on an insurance company compromised 9 million patients of Managed Care of North America (MCNA) Dental, a victim of the LockBit attack.
Consulting firm Deloitte noted, “Cyber-attacks in the insurance sector are growing exponentially as insurance companies migrate toward digital channels in an effort to create tighter customer relationships, offer new products and expand their share of customers’ financial portfolios. This shift is driving increased investment in traditional core IT systems (e.g., policy and claims systems) as well as in highly integrated enabling platforms such as agency portals, online policy applications and web- and mobile-based apps for filing claims.”
The firm added, “As insurers find new and innovative ways to analyze data, they must also find ways to secure the data from cyber-attacks.”
Applications Reveal a Lot
The reasons insurance brokers and carriers are now in the hot seat are varied, as Deloitte noted, but a few stand out as key motives. While the most mundane is the profitability of obtaining personally identifiable information and personal health information for resale, there are more nefarious inducements to attack insurers. Insurance applications are one example.
The amount of private, corporate data that appears on an insurance application could be a bonanza to cyber attackers, says Marc Schein, national co-chair of the Cyber Risk Practice and a risk management consultant at Marsh McLennan Agency, an insurance broker. Schein notes that applications include a vast array of potentially useful information, including the amount of insurance a company is purchasing (ransomware attackers don’t want to leave money on the table when they demand a ransom) as well as some of the deficiencies a company might have in its network security.
Schein points out that other insurance products, such as errors and omissions policies or directors and officers policies, could provide valuable information about trade secrets, private information of key company executives, and data about potential business transactions.
Patricia Titus is chief privacy and information security officer at Markel Insurance, a carrier that underwrites its own assurance, specialty, and international policies. She agrees that applications can provide a deep understanding of a company’s technology profile.
Insurance applications can identify technology debt, Titus says: unpatched software, outdated hardware that might be past the manufacturer’s security or software patches, legacy systems that could represent potential security vulnerabilities, and other deficiencies a company might have in its network security. These vulnerabilities could be exploited by attackers.
All Sides of Insurance Transactions Are Vulnerable
It isn’t only insurance clients that need to evaluate their cybersecurity infrastructure, Titus points out. Markel is looking at ways it can better protect its own data, as well as that of its clients.
In Markel’s case, Titus says, the company is looking at technologies that could do a better job of microsegmenting its networks, limiting the ability of attackers to move laterally through the network should they successfully breach the corporate defenses. Moving laterally, she notes, is the greatest advantage an attacker can have if they can find a hole into a network.
Human data is always of interest to cyber attackers, Titus adds. Should the attacker be able to access insurance applications or approved policies, they can learn a great deal about potential targets. Individuals and companies alike need to insure high-value luxury items, such as antiques. However, enterprises also insure trade secrets (think of the recipe of Coca-Cola, for example) that cannot be made public by patents, private data about executives and officers, and errors and omissions that might occur during business transactions. Ultimately, there is a vast array of data companies protect that can be identified and compromised should their insurance policies or applications be breached.
Schein recommends that companies submitting an insurance application send encrypted files only so that anything intercepted during transmission cannot be read by the attacker.