Ransomware & Funds Transfer Fraud

Preparing for a Second Wave of COVID
July 2, 2020

RANSOMWARE ATTACKS 

What happens in an attack? 

Hackers get businesses to download Ransomware viruses by tricking employees into clicking on phishing emails or exploiting software security vulnerabilities. Once downloaded, Ransomwares objective is to lock up proprietary data, including backups, and even cloud data. The hacker then demands a cryptocurrency payment to unlock the data within a time window or destroy all the data. 

Ransomware damages exceeded $5,000,000,000 in 2017. 

*Reference Below 

Every 40 seconds a new business in the United States is attacked by Ransomware

*Reference Below 

Why is a cyber policy essential?

Incident Response Costs: < $100,000 

This coverage is almost always triggered when a hack is detected and usually ranges in the tens of thousands of dollars, but can go higher than $100k.

Cyber Crime Extortion Costs: < $50,000

These costs are usually below $50k, but vary by the hackers discretion

System Damage & Business Interruption: < $1,000,000 

When these costs are triggered, the costs will vastly vary based upon the size of the business, system downtime, and repair costs. Note, Business Interruption & Rep Harm are usually the largest cost in a claim when triggered

  • System Damage & Rectification Costs
  • Forensic Experts: $350hr $500hr
  • Business Interruption: Lost Profit (% of Revenue)
  • Consequential Reparational Harm: Lost Profit (% of Revenue

*MustKnow Ransomware Statistics 

CLAIMS-EXAMPLES 

Ransomware Example 

In 2017, a catering company with $25M in revenue had an employee click on a link within an email from what looked like a colleague. This link automatically downloaded a ransomware virus into the catering company’s network, locking up all of their computers and data (including backups) connected to the network. The ransomware virus demanded that the catering company pay $3,500 in cryptocurrency to the hacker’s bank account, in order to unlock the corresponding computers and files within 24 hours. The catering company was in the process of getting the cryptocurrency in order, when the hackers completely destroyed their data. As a result, the catering company was unable to operate their business for two weeks. Forensic experts worked overtime in that two week period repair the corrupted data, while the catering company experienced business downtime. This claim cost the catering company $775,000. The forensic experts billed the catering company for their work at $75,000. The detrimental $700,000 business interruption cost resulted from the catering company’s inability to ship their food from A to B, causing it to spoil. The entire cost was picked up through their cyber policy. 

Funds Transfer Fraud Example 

(1st Party) In 2017, a midsized trucking company’s CEO had his email address compromised. An email was sent to wire money to an existing client, but with new bank account details. The CFO merely thought the client opened up a new bank account and trusted the email from the CEO, which was actually written by the hacker. One payment of $73,000 was wired out without being caught. On the 2nd wire request, the trucking company figured out the money hadn’t been received by their client and was stopped. Unfortunately, that first payment of $73,000 was unrecoverable. 

(3rd Party) In early 2018, a hacker compromised the email login credentials of an employee at a reputable title company. In the next two days, the hacker, posing as the title company employee, convinced one of the title company’s client to wire $350,000 for a new home to what was supposed to be the title company’s bank account. A week later, the title company followed up with their client, only to find out that a hacker convinced their client to wire money to the hacker’s bank account. An immediate lawsuit followed from the client. This title company had a cyber insurance policy that not only defended them from the lawsuit, but it paid the client for their stolen funds.

Evolve MGA

Bates Hewett & Floyd customers have access to a great Cyber Insurance product via Evolve MGA. Whether you are a current customer or not, contact us to discuss our offering to see if it is right for you!


Bates Hewett & Floyd

When you think about an independent insurance agency in Northeast Florida, you probably think of a small to a medium-size office run by a family or a few employees. If you have never visited or been inside Bates Hewett & Floyd, you have not experienced the big picture. With 30 employed professionals (currently seeking additional candidates to join the team) we are one big family (some blood, most not) that spans three offices and are spread throughout the many facets of insurance that Bates Hewett & Floyd.

Click here or below to speak with an agent or to request a quote >>>

 

Leave a Reply