Cybercrime trends - business interruption is a major threat

Cybercrime is evolving quickly, putting organisations at risk from a range of attacks including data breaches and business interruption.

This week a US health insurer revealed that it had recently discovered a data breach dating back nearly two years.  Ten million customer records were potentially accessed.  Excellus Blue Cross Blue Shield is just the latest in a number of data breaches affecting health insurance firms in the US.  The annual cost of cybercrime to the global economy is estimated at a staggering $445bn.  Germany is the EU country most affected by cybercrime, with an estimated annual cost of $59bn.

A new report by insurance specialist Allianz Global Corporate & Specialty (AGCS) explores the latest cyber trends that are putting global businesses at risk. 

Another study, this time by ThreatMetrix, monitored a billion transactions and discovered that fraudulent account attacks had increased by 20% in the second quarter of 2015.  Online lending is a prime target for fraudsters with fraudulent account creation the most popular form of fraud.

Key findings from the AGCS Report

  • Globalisation and increasing connectivity is enabling 'the commercialisation of cybercrime'
  • Everyone is a potential target – almost two thirds of targeted attacks are against SMEs
  • Different types of organisations are exposed to different risks – financial institutions will be at risk of customer data breaches and business interruption caused by attacks on electronic trading systems; tech companies may find their intellectual property is at risk
  • The risks of intellectual property theft and business interruption are increasing

Recent high profile examples of business interruptions caused by cybercriminals include the hacking of French broadcaster TV5 which affected its 11 TV stations, its website and social media and the grounding of Polish airline LOT’s planes in June 2015.

Five ways to mitigate cyber risk

  • Identify key assets and weaknesses, including the ‘human factor’ and over-reliance on third parties
  • Create a culture of cyber security and bring together stakeholders from across the business
  • Design a crisis response plan – and test it!
  • Think about how organisationa restructure can affect third party data
  • Decide which risks you can manage and control and which you may wish to transfer to third parties

The report A Guide to Cyber Risk: Managing The Impact of Increasing Interconnectivity is available here.

Additional sources: ITProPortal; Wired.