Why the lockdown has triggered a cybercrime epidemic

The Covid pandemic has been the catalyst for unprecedented change in working patters, which have been transformed over the course of weeks rather than years. Technology has meant that many businesses have been able to shift almost seamlessly to remote and home based working models.

Whilst this rapid adaptation has been impressive, it has been implemented at pace and often without proper planning. Remote working often entails the use of personal devices and computers on residential networks – in effect the extension of company networks beyond their fire walls, creating an ideal environment for cyber criminals.

This additional IT “surface area” gives cyber criminals many more potential access points to businesses’ IT infrastructure, and the evidence is that they have been taking advantage of this.

Cybercrime trends since the pandemic hit have been worrying:

  • “Phishing” attacks where criminals try to trick their targets in to clicking on a link or attachment to an email or text are now occurring on an epidemic scale. These can be very sophisticated and convincing, using information from social media or Linkedin to appear authentic. Covid has also presented a new theme for phishing attacks. A recent Symantec analysis suggested that about one in every 3700 emails is now a phishing email.

  • There is now a vast amount of illegally sourced personal data available on the dark web for purchase by cyber criminals. Many people still use the same password for multiple systems – which makes them extremely vulnerable. Now that personal devices are being used to access business networks, this in turn makes businesses vulnerable to hacking. Office for National Statistics (ONS) - Crime in England and Wales recorded a 53% increase in hacking in the year to September 2020, - about 4500 small businesses are hacked every day in the UK see https://www.ons.gov.uk/peoplepopulationandcommunity/crimeandjustice/bulletins/crimeinenglandandwales/yearendingseptember2020#computer-misuse

 

  • Once criminals have gained access to a business network, there are a range of methods for extracting payment.

    One concerning new trend has been the increased use of “ransomeware”. This is software which once installed can prevent businesses accessing their own systems and data – essentially preventing them from operating.

    A new “franchise” model enabling criminals to access and use sophisticated ransomeware software in return for a percentage payment to the software developers has emerged which has meant that criminals lacking the technical expertise to develop their own ransomeware are now actively looking to hack businesses. This is a key driver in the 40% increase in malware attacks recorded by the ONS. Ransomeware attacks can stop businesses trading for months - estimates vary but the international publication CSO https://www.csoonline.com/article/3440069/uk-cybersecurity-statistics-you-need-to-know.html  estimates the average successful ransomware attack in the UK costs over £600,000 – it has often proved cheaper to pay the ransom than suffer the business interruption which the hackers can inflict.

 

Cyber insurance claims are becoming more frequent and expensive

The increase in cybercrime has been reflected in the claims costs to cyber insurers. What was once a relatively profitable sector for insurers is becoming increasingly expensive for them - rising claims pushed the insurers’ loss ratios (ratio of claims costs to premium income) up to nearly 50% in 2019, and anecdotal evidence suggests cyber loss ratios today are well above 50% with some insurers even reporting cyber business loss ratios exceeding 100% (2021 Cyber Risk Outlook – Insurance Hound).

The threat of cybercrime isn’t going to go away – so make sure you have cover

Whilst we all hope that there is light at the end of the Covid 19 tunnel in 2021, some of the business working practices that have been driven by the lockdown are here to stay. Working patterns for office based staff are likely to be more flexible going forward, with an element of home working becoming the norm – so increased exposure will remain. In the same way, unfortunately, the advances made by cybercriminals will not be reversed.

Cybercrime is now one of the most serious threats small businesses face – a far more likely source of loss than a fire for example. An expert broker will be able to recommend the right cover to provide effective protection, so cyber insurance should be at the top of the agenda for business owners when considering their insurance portfolio.