The Breakdown of a Cyber-Attack
1st November 2019 3 min read
At Miles Smith Insurance Solutions, it is our role to provide our clients with the knowledge and help them to understand the risks their business faces and how they can protect against them. We understand the complexities around cyber, which is an ever-growing topic in the media. In this article we breakdown the stages of a cyber-attack, the role the attacker plays and the impact that the cyber attack has on a business.
What is a cyber-attack?
A cyber-attack can take a business’s entire systems offline, whether through an employee inadvertently clicking a fraudulent link or a malicious criminal deliberately targeting them.
Breakdown of a cyber-attack:
There are several types of cyber-attacks that could affect a small to medium sized business, however for this example we are going to look at a phishing attack. Phishing is a social engineering technique whereby an attacker hides behind a trusted entity, deceiving a victim into opening an email and providing sensitive information. The goal of this type of attack is to steal user details, such as credit card numbers or login credentials.
In this example we look at the cyber event from the attacker’s perspective and how it affects a business:
|Targets access to the business’s systems through the internet, via a phishing email, and potentially installing malicious software (malware) to the network||Employee unwittingly opens the link and enters the sensitive information requested by the hacker|
|The attacker steals the employee’s credentials to gain full access, enabling them to suspend the business’s network||Computers, telephones, printers, scanners and all other connected machinery are unable to operate|
|The attacker can then establish a foothold and exploit the malware they installed, allowing them to move around the network undetected||The business is unable to make any contact with customers and they are unable to access any of their files and data; they can’t collect data or issue invoices etc.|
|Using the information gathered, the attacker sets up fraudulent credit cards and loans in the business’s name||The business is held to ransom until they pay the requested amount by the attacker. |
Ransoms can range from £300 to hundreds of thousands of pounds
|If the ransom demand is refused the |
attacker may leak sensitive information
|A data leak would expose the business to claims from third parties for breach of their data. They they may also suffer negative press, possibly leading to a loss of customers|
How can cyber insurance protect my business?
Cyber Liability Insurance provides businesses with protection against financial loss resulting from the loss of personal and/or corporate data. Cover addresses the first and third-party risks ranging from the loss of a single laptop or file to the hacking of a company’s website or entire network.
For more information on our cyber cover, please see here.
Get in touch
If you’d like to discuss how to protect your business against cyber risks, please contact your account executive or call the Miles Smith team on 020 7977 4800.