Following the recent government-backed study by the Office of Cyber Security (OCS) which estimated that the UK loses 27bn each year due to cybercrime, the Federation Against Software Theft (FAST) has backed the recommendation that a central hub for UK firms be developed for the reporting of cyber fraud. In particular, it will address the issue of IP fraud.
Even though the OCS figures last week were in many ways based off assumptions rather than solid research, the large number still raises alarm bells and justifies further research. The new initiative would achieve better insight into the hows, whys and costs of UK cybercrime while acting as a central, unbiased hub where companies can report their losses and readily deal with the issue.
The importance of knowing more about cyber perils and how to prevent and responsibly deal with them is quickly becoming more apparent. This new measure could mark the beginning of a country-wide effort to truly address these costly crimes.
See the full story on Fstech.co.uk
As businesses of all types move almost exclusively online and individuals rarely separate from their web devices, cyber crime is quickly becoming a widespread problem, costing the UK an estimated £27bn last year alone. This includes £3.1bn affecting ordinary citizens through identity theft and online scams and £21bn affecting businesses of all types. Sectors hit hardest include pharmaceuticals, biotechnology, electronics, IT and chemical companies.
Cyber crime has remained a somewhat unexamined phenomenon. Low regulations for online security as well as the intangibility of the threat has made theft seem unlikely to many people. The new figures prove, however, that cyber crime is rampant and some estimate the figures could be even higher as businesses and individuals might not know that they’re victims.
The insurance industry hasn’t been particularly quick to respond to this, but policies which cover a business’s cyber risk are available and some build the coverage right into normal policies. As crime surges and the government’s regulatory powers to fine companies for weaknesses in their security infrastructure increase, having a robust security system in place and an insurance policy that covers this type of risk is essential.
See the full story on Metro.co.uk
Cyber liability cover comes as standard in many of our policies. Click here to learn more.
HBGary Federal, an American security firm, has recently had its website hacked by the online activist group Anonymous. The group has been involved in a number of high profile online attacks recently, including strikes on Visa, PayPal and others after the companies withdrew their support from WikiLeaks.
It gets worse. Anonymous not only replaced the HBGary website with a logo and a statement, but they also gained control of the company’s email, took down their phone system, placed many of their sensitive documents online and erased many of the others. They also personally attacked the head of the company, Aaron Barr, by hacking into his Twitter account and posting a series of racial and sexual slurs as well as many personal details.
Security breaches are becoming more and more common for all types of organisations, from banks to eTailers. But while most mean a financial gain for the culprit, this case takes on an eerily different tone. System hacking has become a weapon for the politically motivated and it looks like it’s only going to get worse.
See the full story on BBC.co.uk
If you’re a fan of fragrant bath soaps and face creams, you may have noticed that Lush.co.uk is currently out of order, the victim of repeat hacking that has compromised customers’ credit card details.
In numerous cases, the credit card fraud has changed from a potential danger to a reality. Some customers are reporting losses of over £1,000 and others are having to cancel cards, leaving them without access to accounts for days at a time.
Lush has handled the security breach well by clever social media marketing aimed at customers and hackers alike and all in their fun, casual style. But many customers aren’t laughing and Lush probably won’t be either. They face the possibility of paying PCI fines, which most traditional insurance policies won’t cover.
See the full story on Guardian.co.uk
For details on our cyber liability policy click here
Vodafone Australia has recently come under scrutiny after billing details and call history of millions of its customers were found to be available through a publicly accessible website.
Upon further investigation, Vodafone Australia’s largest premium partner, Communications Direct, was found to be at the source of the data breach. Not only were Comms Direct staff found to be manipulating the system to earn double commission, but there were separate claims of breach of privacy as employees were also forwarding customer records outside the company. Staff members were accessing these records by using shared login details with passwords such as “password1”.
The embarrassing lack of safeguarding by Vodafone Australia means they now face the possibility of paying out compensation to up to 4 million users. It should be noted, however, that the company was using approved government security methods which raises the question of whether more stringent guidelines should be in place.
See the full story on Infosecurity-magazine.com
See the story follow-up on Infosecurity-magazine.com