September, 2022
-
Ransomware that Your Cybersecurity Insurance Can’t Cover
The latest alert from various US government agencies through the Cybersecurity & Infrastructure Security Agency (CISA) warns that actors affiliated with Iran’s Islamic Revolutionary Guard Corps are targeting vulnerabilities in Fortinet networking equipment and Microsoft Exchange email software. Like other threat actors, they leverage vulnerabilities to deploy tools and encrypt systems and exfiltrate data, creating significant business interruption and consumer risk, while demanding a large ransom payment.
-
Lloyd’s to Exclude Nation State Attacks from Cyber Insurance Coverage
Earlier this month, Lloyd’s of London announced in a market bulletin that they will cease their nation state attack insurance coverage beginning in April 2023. While there is a growing demand for cyber liability insurance as cyber-attacks grow in frequency, severity, and sophistication, Lloyd’s identifies cyber related insurance as an evolving risk for their business.
-
Education Sector Being Targeted for Cyber Attacks
Back to school apparently also applies to hackers. Educational institutions are currently being targeted for ransomware attacks. The FBI, Cybersecurity & Infrastructure Security Agency (CISA) issued a warning on September 6, 2022 about the increase in ransomware attacks by hacking group Vice Society. This group has been using compromised credentials to exploit internet-facing applications to gain access, explore the network, exfiltrate sensitive student data and deploy ransomware. In the past, we have seen this disruptive activity lead to classes being cancelled, exams being delayed, to schools being shut down permanently.