17 June 2020

The role of risk mitigation in fighting the working from home cyber crime wave

Opportunistic and quick to respond to new vulnerabilities or exposures, cyber criminals have wasted no time in adapting to the conditions presented by Australia’s response to COVID-19. Gallagher cyber practice leader Robyn Adcock explains why the restrictions that helped contain the spread of the virus also encouraged a cyber crime wave.

Adcock says the widespread move to working from home has opened up gaps in business’s digital security, whether it’s because some people are using personal computers shared with other family members who may install games or software that introduce viruses or security holes, or because they fall prey to a scam.

Since the COVID-19 outbreak Scamwatch has received more than 2700 scam reports mentioning the coronavirus, with more than $1,114,000 in reported losses.

Common scams include phishing, online shopping and superannuation scams. Identity theft is a major threat, with cyber criminals pretending to be government agencies sending emails that look legitimate but often contain malicious links and attachments designed to steal personal and financial information.

The Australian Competition and Consumer Commission (ACCC) warns that “scammers have been doing an excellent job of impersonating the government, and at the same time have been actively pushing for people's personal information — including bank account details and superannuation account details — as we've never seen before".

“Criminals are using fear of the pandemic to be more effective in their social engineering attacks,” Adcock says.

“We’ve had clients who have suffered claims as a result of their employees clicking on a link asking them to upload their credentials. The link is loaded with ransomware so insurers all are seeing an increase in claims as a result of this activity.”

Robyn Adcock, Gallagher cyber practice leader

She says the challenge for businesses is to keep their employees safe in an IT environment at home. “The human factor is still such a huge element in why there are so many cyber security claims.”

She mentions distraction due to the presence of young children – or simply anxiety about current conditions – may also be an influence.

Education, risk mitigation controls and insurance

Employee education was already of major importance to cyber security before the pandemic and now this is even more heightened. “And then of course insurance, because insurance closes the gaps.”

Adcock says she sees insurance as an essential back-up to a risk mitigation approach of helping clients understand the controls that can be implemented to close those gaps. Prevention is the priority.

Hear Robyn Adcock talk about the key security concerns for businesses with employees working remotely.

Robyn Adcock - Gallagher - How and why has cyber risk increased during the pandemic

 

Further reading

Gallagher coronavirus pandemic resource centre

Gallagher news and insights


Gallagher provides insurance, risk management and benefits consulting services for clients in response to both known and unknown risk exposures. When providing analysis and recommendations regarding potential insurance coverage, potential claims and/or operational strategy in response to national emergencies (including health crises), we do so from an insurance and/or risk management perspective, and offer broad information about risk mitigation, loss control strategy and potential claim exposures. We have prepared this commentary and other news alerts for general information purposes only and the material is not intended to be, nor should it be interpreted as, legal or client-specific risk management advice. General insurance descriptions contained herein do not include complete insurance policy definitions, terms and/or conditions, and should not be relied on for coverage interpretation. The information may not include current governmental or insurance developments, is provided without knowledge of the individual recipient’s industry or specific business or coverage circumstances, and in no way reflects or promises to provide insurance coverage outcomes that only insurance carriers’ control.

Gallagher publications may contain links to non-Gallagher websites that are created and controlled by other organisations. We claim no responsibility for the content of any linked website, or any link contained therein. The inclusion of any link does not imply endorsement by Gallagher, as we have no responsibility for information referenced in material owned and controlled by other parties. Gallagher strongly encourages you to review any separate terms of use and privacy policies governing use of these third party websites and resources.

Insurance brokerage and related services to be provided by Arthur J. Gallagher & Co (Aus) Limited (ABN 34 005 543 920). Australian Financial Services License (AFSL) No. 238312