Big I Virginia E-News
March 2021
 

Hackers Aren’t Looking for Your Clients' Money ... They Want YOURS!

Print this Article | Send to Colleague

We’re told by our cyber insurance carrier that they’ve seen an increase in agents being subject to ransomware attacks. I wanted to explore this question further and decided to contact Ron Berg with the Agents Council on Technology. My question was: Have y’all seen any articles on ransomware with examples that we can publish? How does this work when your database is pretty much with an AMS?Maybe the carrier is saying there’s an increase in ransomware generally.

Ron’s response was awesome and I draw it to your attention:

  • First, you are correct that ransomware attacks are increasing — and IAs are a prime target. Risk-Based Security indicated that by the end of 2020, financial services accounted for over 12% of all attacks.

And there are some articles, linking a few here:

  • At the Speed of Light: Keeping Up with Cyber Insurance
  • Insurance Broker Gallagher Reports Ransomware Attack
    • This is the now-famous ransomware attack of AJ Gallagher. Hackers are not just focused on the big entities, though.
  • ACT Alert – Agency Hacking Security Alert
    • ‘ACT Alert’ from this week on hacking overall. While it’s about ID/password vulnerability, this can lead to ransomware attacks.
  • No Device Is Safe: Cyber Risk Increases for Brokers and Agents
    •  A story Ron Berg did for IBA Magazine mid-2020
  • In regard to our question on how it works when agents have a management system and it’s cloud-based (as most are), cyber criminals can secure and hold data for ransom whether the systems are local (LAN-based) or in the cloud. The difference is that cloud-based/ASP management systems providers work with their cloud providers (think Amazon AWS) to host multiple real-time incursion prevention systems. But these can still be encrypted and held for ransom. I think the cyber liability carrier was referring to ransomware overall, though I’m not sure what data they could/would have on specific management system cloud ransomware occurrences.
  • ACT is working right now with all our carrier, user group and vendor members to roll out awareness of this risk, using a newly developed online cyber-readiness questionnaire that will be released within the month. We’ll develop a communications template that the stakeholders can use to deploy the short questionnaire and point to our ACT Agency Cyber Guide 3.0 as the resource to become cyber-ready.

So, how’s your cyber security insurance for your own agency? Why not give Linda Loving in our office a call, or email her at lloving@iiav.com, and get information on our cyber security insurance program with Evolve or other providers we have access to. Don’t ignore this — it’s not just happening to “the other guys.”

Bob Bradshaw
IIAV President & CEO
Reach me at rbradshaw@iiav.com

 
 

Back to Big I Virginia E-News