Posted by Trevagh Stankard on Tue, Feb 2nd, 2021
The insurance industry has seen a rise in the number of cyberattacks, in particular phishing scams. Some industries are slower to adopt the right cybersecurity and digital best practices. The insurance industry is one sector that is slowly catching up to the way companies can leverage the Internet and information technology. However, this makes it the perfect target for cyberattackers. Insurance companies are not the only ones lagging behind standards, but antiquated systems without the latest cyber-defenses leave these organizations open to data breaches. As cyber-criminals improve their attack scenarios, it’s now more important than ever for insurance companies to be aware of the latest threats and trends and to have a suitable cyber-defense to handle attacks.
Phishing is Still a Major Concern
Some of the largest and most damaging data breaches to date started with a phishing email. Attackers aim to steal credentials or send messages with malware attachments. With multi-factor authentication (MFA), stealing credentials doesn’t always result in a large payout. Therefore, attackers have been targeting organizations with ransomware, trojans, and other advanced persistent threats.
Since the COVID-19 lockdowns, spear-phishing is more prominent than ever. Attackers know users working remotely do not have enterprise-level cyber-defenses, especially if they use their own network and personal machines. This makes employees working remotely the ideal target for cyberattackers. If a personal machine becomes infected with malware, the attacker may have the opportunity to gain access to the corporate network or infect additional industry machines.
File Injection Vulnerabilities
In the insurance industry, it’s not uncommon for companies to pull large files from various providers to process claims and other patient information. This leaves insurance agencies and other industry providers open to file injection attacks. Just one malware file injected into the standard processing of third-party information could cause the entire organization to suffer a data breach.
The insurance industry is a major target due to the vast amount of information collected. Attackers who interrupt the file process by injecting their own code or intercepting data could potentially exfiltrate large amounts of data without the sender or file recipient being aware that they’ve been compromised.
Since more users work from home, it’s easier for attackers to intercept data. Attackers target employees working from home to deploy malware on their devices. With employee devices infected, attackers can now gain access to any data available on the local machine. Without the right cyber-defenses installed, an attacker can intercept data for months before any evidence of a compromise is found by anti-malware applications.
Data Breaches in the Insurance Industry
Any organization that deals with healthcare and patient information is a valuable target for a cyber-attacker. Most cyberattacks are financially motivated. Attackers that gain access to patient information can sell it on darknet markets. View the TitanHQ guide to data breach prevention.
Here are a few examples of data breaches caused by cyberattacks within the insurance industry.
Anthem Healthcare: In one of the largest data breaches in 2015, Anthem lost 78.8 million records to attackers leveraging spear-phishing to steal system credentials. After the breach, the insurance company was forced to pay $40 million in damages on top of the $115 million paid to patients affected by the breach.
Chubb Corporation: Chubb’s May 2020 data breach stemmed from a third-party provider that fell victim to a ransomware attack. Attackers then blackmailed Chubb, threatening to release the data to the public unless the ransom was paid.
Pacific Specialty Insurance Company: Phishing again was responsible for unauthorized access to Pacific Specialty Insurance Company employee emails. With compromised email accounts, attackers could then exfiltrate patient data.
Netherlands-based Insurer: Attackers often use spoofed email accounts to trick employees into wiring money to their bank account. A Netherlands insurer fell victim to an attacker pretending to be the CEO of a large commercial vendor. The spoofed email message convinced employees to wire money to the attacker-controlled account. This type of attack is commonly used with social engineering and requires employee training to spot the red flags and avoid becoming a victim.
Protecting Patient Data from Being Hacked
Phishing is still a primary attack vector, hence insurance companies need to have the right email filters in place to protect from all malware attacks. Spam filters detect malicious content and quarantine the message rather than sending it to the intended recipient. Administrators can still review messages for false positives. This stops harmful emails from entering the inbox and eliminates the risk of phishing threats.
As attackers focus more on the insurance industry, companies must ensure that they have email protection in place to block phishing. With sufficient employee training and a cybersecurity solution in place, harmful cyberattacks and data breaches can be prevented.
SpamTitan blocks spam, viruses, malware, ransomware, phishing attempts, and other email threats. Try out SpamTitan for free to learn more about the advanced and easy-to-use email security solution for your business. Start your free trial today.