Insurance companies have a huge target on their proverbial backs as cyber attackers increase their focus on an industry ripe with personal, medical, corporate, and other confidential data that can be monetized after a data breach.
In 2023 alone, several insurance companies were targeted, including Sun Life in June via an attack on its vendor Pension Benefit Information LLC; Prudential Insurance in May, in which more than 320,000 customer accounts were impacted; New York Life Insurance Company, which had 25,700 accounts affected during the same period as the Prudential attack; and Genworth Financial, which had as many as 2.7 million individuals affected. All of these insurance companies were victims of the MOVEit file transfer cyberattack.
Aside from MOVEit, other widespread ransomware attacks also targeted the insurance industry. Point32Health, the parent company of Harvard Pilgrim Health Care and Tufts Health Plan, was hit by a ransomware attack in April, while NationsBenefits reported that it was a victim of the Cl0p ransomware gang. The largest US attack on an insurance company compromised 9 million patients of Managed Care of North America (MCNA) Dental, a victim of the LockBit attack.
Consulting firm Deloitte noted, “Cyber-attacks in the insurance sector are growing exponentially as insurance companies migrate toward digital channels in an effort to create tighter customer relationships, offer new products and expand their share of customers’ financial portfolios. This shift is driving increased investment in traditional core IT systems (e.g., policy and claims systems) as well as in highly integrated enabling platforms such as agency portals, online policy applications and web- and mobile-based apps for filing claims.”
The firm added, “As insurers find new and innovative ways to analyze data, they must also find ways to secure the data from cyber-attacks.”
Applications Reveal a Lot
The reasons insurance brokers and carriers are now in the hot seat are varied, as Deloitte noted, but a few stand out as key motives. While the most mundane is the profitability of obtaining personally identifiable information and personal health information for resale, there are more nefarious inducements to attack insurers: insurance applications, for example.
The amount of private, corporate data that appears on an insurance application could be a bonanza to cyber attackers, says Marc Schein, national co-chair of the Cyber Risk Practice and a risk management consultant at Marsh McLennan Agency, an insurance broker. Schein notes that applications include a vast array of potentially valuable information, including the amount of insurance a company is purchasing (ransomware attackers don’t want to leave money on the table when they demand a ransom) as well as some of the deficiencies a company might have in its network security.
Schein points out that other insurance products, such as errors and omissions policies or directors and officers policies, could provide valuable information about trade secrets, private information of key company executives, and data about potential business transactions.
Patricia Titus is chief privacy and information security officer at Markel Insurance, a carrier that underwrites its own assurance, specialty, and international policies. She agrees that applications can provide a deep understanding of a company’s technology profile.
Insurance applications can identify technology debt, Titus says: unpatched software, outdated hardware that may be past the manufacturer’s security or software patches, legacy systems that could represent potential security vulnerabilities, and other deficiencies a company might have in its network security. These vulnerabilities could be exploited by attackers.
All Sides of Insurance Transactions Are Vulnerable
It isn’t only insurance clients that need to evaluate their cybersecurity infrastructure, Titus points out. Markel is looking at ways it can better protect its own data, as well as that of its clients.
In Markel’s case, Titus says, the company is looking at technologies that could do a better job of microsegmenting its networks, limiting the ability of attackers to move laterally through the network should they successfully breach the corporate defenses. Moving laterally, she notes, is the greatest advantage an attacker can have if they can find a hole into a network.
Human data is always interesting to cyber attackers, Titus adds. Should the attacker be able to access insurance applications or approved policies, they can learn a great deal about potential targets. Individuals and companies alike need to insure high-value luxury items, such as antiques. However, enterprises also insure trade secrets (think of the recipe of Coca-Cola, for example) that cannot be made public through patents, private data about executives and officers, and errors and omissions that may occur during business transactions. Ultimately, there is a vast array of data companies protect that can be identified and compromised should their insurance policies or applications be breached.
Schein recommends that companies submitting an insurance application send encrypted data only, so that anything intercepted during transmission cannot be read by the attacker.