Attacks on Cloud Services Grow Amid Telecommuting Boom

cloud

As more of America’s workers were asked to work from home due to the COVID-19 pandemic, cyber criminals jumped at the opportunity to take advantage, it seems.

Remote work means work being handled on the cloud as employees share files and need a convenient way to access them.

But cyber criminals are banking on workers letting down their guards when they work from home, so it’s no surprise that while cloud service usage among enterprises jumped 50% between January and April, external attacks on cloud accounts boomed 630% in the same period.

Also, hackers and other cyber scammers orchestrated systematic attacks on collaboration tools like Cisco WebEx, Zoom, Microsoft Teams and Slack, according to the “Cloud Adoption & Risk Report ― Work from Home Edition” report by McAfee.

The risk to enterprises cannot be overstated as criminals try to take advantage of the sudden shift to telecommuting by thousands and thousands of organizations as they try to cope with the COVID-19 pandemic and continue operating during stay-at-home orders.

Employees are your organization’s first line of defense. You can protect your company by encouraging personnel to be skeptical of e-mail from unfamiliar sources.

Training your staff

Before the COVID-19 crisis, PricewaterhouseCoopers simulated a phishing attack on mid- to large-size financial institutions, finding that:

  • 70% of phishing e-mails were delivered to their targets, and
  • 7% of recipients clicked on the malicious link.

The danger with phishing and ransomware attacks is that it only takes on click, one missing endpoint agent, one failed alert, one unsuspecting employee, and the criminals can take control of your network and your cloud files.

Many of these attacks come in the form of what’s now called “social engineering attacks.” PwC recommends coaching all of your employees to take the following precautions, particularly on their mobile devices:

  • Be skeptical of e-mails from unknown senders, or from familiar people (like your company’s CEO or your doctor) who do not usually communicate directly with you.
  • Don’t click on links or open attachments from those senders.
  • Don’t forward suspicious e-mails to co-workers.
  • Examine the sender’s e-mail address to ensure it’s from a true account. Hover over the link to expose the associated web addresses in the “to” and “from” fields; look for slight character changes that make e-mail addresses appear visually accurate — a .com domain where it should be .gov, for example.
  • Grammatical errors in the text of the e-mail are usually a sure sign of fraud.
  • Report suspicious e-mails to the IT or security department.
  • Install the corporate-approved anti-phishing filter on browsers and e-mails.
  • Use the corporate-approved anti-virus software to scan attachments.
  • Never donate to charities via links included in an e-mail; instead, go directly to the charity website to donate.

Cyber insurance

Cyber insurance is designed to protect your company by insuring you for network security issues, privacy, interruption to your business, media liability, and errors and omissions.

For phishing, ransomware and other cyber attacks, the network security and business interruption portion of the policy would mainly come into play.

Network security coverage — This includes first party costs. That is, expenses that you incur directly as a result of a cyber incident, including:

  • Legal expenses
  • IT forensics
  • Negotiation and payment of a ransomware demand
  • Data restoration
  • Breach notification to consumers
  • Setting up a call center
  • Public relations expertise
  • Credit and identity monitoring

Business interruption — When your network, or the network of a provider that you rely on to operate, goes down due to an incident, you can recover lost profits, fixed expenses and extra costs incurred during the time your business was impacted. This includes loss arising from:

  • Security failures, like a third party hack.
  • System failure, such as a failed software patch or human error.

Insurance Costs Related to COVID-19 Could Top $100 billion

insurance cost

COVID-19-related losses for property-casualty insurers are likely to top $100 billion, with workers’ compensation accounting for about a third of all payouts, according to a new report by Wells Fargo & Co.

The report estimates that workers’ compensation could see total COVID-19 claims payouts of up to $34 billion, but that factors like the severity of workers’ comp cases and the number of deaths will determine the final payouts. This may spur rate hikes in workers’ compensation after years of soft pricing in most of the country.

The majority of workers’ compensation claims are likely to be in the health care sector, and the rest among “essential workers” who have had to remain on the job

One report by the Division of Workers’ Compensation at the Florida Department of Financial Services found that health care workers and those working in protective services accounted for 83.3% of COVID-19 indemnity workers’ comp claims filed in Florida as of May 31.

The Wells Fargo report forecasts that the claims are likely to put pressure on rates for number of lines of insurance. Besides workers’ compensation, it predicts that these other lines will see significant claims payouts:

Business interruption — The second-highest claims payouts, the report states, will be for business interruption losses related to the COVID-19 outbreak. Wells Fargo estimates that total claims payouts will be between $4 billion and $24 billion.

However, most business interruption coverage, which is typically tied to commercial property policies, does not cover losses from pandemics. That said, some stand-alone policies have had more liberal coverage wording that will require the insurers to pay the claims.

Event cancellation — The report estimates that event cancellation losses will account for nearly 30% of industry losses. This insurance protects event revenues and related expenses against the risks of cancellation, postponement, curtailment, relocation or abandonment of an event for unforeseen circumstances beyond the control of the event organizer.

Beyond the lost revenue, the costs of canceling a large event can run into the tens of millions of dollars, sometimes more. While the specific terms of event cancellation policies vary, many offer broad “all-risk” or “all-cause” coverage that is triggered by any unexpected cause that is not expressly excluded under the policy.

Other policies, however, are written such that only specific causes or risks (like terrorism or natural catastrophe) trigger coverage.

While some event cancellation policies include exclusions for infectious or communicable diseases (which would include COVID-19), many do not.

Other lines of insurance that could sustain losses due to the pandemic include:

  • Travel insurance — Issues that could come into play include emergency evacuation, repatriation and out-of-country medical benefits that cover costs for the treatment and transportation of sick or injured employees. Policies typically offer optional coverage for unexpected medical expenses.
  • Directors and officers liability — These claims could concern legal action for not taking timely measures regarding COVID-19 to protect the organization, as well as legal action for financial damage or even insolvency. 

The topside

The report also notes that there are some lines of insurance that could benefit from lower claims due to the COVID-19 pandemic. Chief among these is commercial auto, due to the substantial decrease in vehicle accidents as there have been fewer cars on the roads at a time of shelter-at-home orders.

What Business Insurance Policies Cover Rioting, Looting

looting

As protests around the country descended into rioting and civil unrest, many businesses that have been looted, or seen their shops damaged or completely destroyed, will obviously be turning to their insurance to file a claim.

While many companies were unsuccessful in filing business interruption claims for the COVID-19 crisis, claims for damage and theft from rioting and looting are more likely to be paid. A number of coverages will come into play depending on the damage and lost income a business suffers at the hands of rioters, vandals and looters.

Property damage

Standard commercial property policies cover damage to a business property caused by fire, explosion, riot or civil commotion, vandalism or malicious mischief. This would include coverage to the structure of the business, as well as any inventory, fixtures and other contents. Business owner’s policies also include this risk.

The business personal property coverage portion of the policy would cover damage and theft if rioters break into a real estate office, for example, and steal computers, burn furniture and destroy office equipment. That said, the damage would be subject to limits (specific or blanket), as well as any deductibles required by the policy.

Commercial vehicle damage

Automobiles are covered under the optional comprehensive portion of a commercial auto policy, which you should have for all your vehicles. This will pay for damage to the vehicle and its contents caused by fire, falling objects, vandalism or rioting.

Comprehensive coverage will cover the gamut and will pay you if a vehicle is:

  • Stolen,
  • Damaged, or
  • Destroyed (for example, burned).

One of the most common damages to vehicles during riots is broken windshields, which you can usually get covered with an optional glass coverage rider.

Business interruption coverage

Companies that are forced to close as a result of riot and looting damage may have coverage for business interruption under a business property policy.

The policy may also cover lost income because a business had to close after riots. It would often cover dependent properties or have contingent business extensions of coverage. Also, coverage can apply if a business suffers a loss of income because of curfews or if authorities bar access to a property.

Coverage is typically triggered if there is direct physical damage to the premises.

You should note that many policies require a 72-hour waiting period before a policyholder can begin making a claim. That’s because the first three days of business shutdown, access constraints or limited hours of operation because of a civil authority action are often excluded from coverage.

There may also be a limit to the claim period. A standard limit is up to three weeks of losses.

Filing a claim

When filing a claim, read your policy in its entirety to determine how to best present it. It’s important to understand the policy’s limits and deductibles before spending time documenting losses that may not be covered.

If you are going to file a claim, document all damage. You should have receipts for all your inventory and fixtures. Here’s what you should do:

  • Take photos of all damage.
  • Contact your agent and file a claim immediately.
  • Clean up to protect your building, but do not make major repairs until you talk to the insurance company.
  • Keep receipts for any remediation work.

If you’re going to file a business interruption insurance claim, you will need:

  • Pre-riot financial statements and income tax returns.
  • Post-riot business records.
  • Copies of current utility bills, employee wage and benefit statements, and other records showing continuing operating expenses.
  • Receipts for building materials, a portable generator and other supplies needed for immediate repairs.
  • Paid invoices from contractors, security personnel, media outlets and other service providers.
  • Receipts for rental payments, if you move your business to a temporary location.

A final thought: Filing a business interruption claim is not easy, particularly when estimating losses. The process is highly complex and can be contentious. If the insurer disagrees with your loss estimates, they may have specialists audit your claim.