24 march 2020, text: Sandra Biraghi, photo: Unsplash
Cyber criminals have all sorts of ways of gaining electronic access to your company. A favoured trick is hacking email accounts. The cheats steal the identity of the sender. And so companies receive payment instructions from apparently trustworthy partners such as customers and suppliers, perhaps even from their head of finance or CEO. The money lands in the cheat’s account.
Another trap – emails with attachments or links to fake websites with instructions to download files there. Opening one of these files sends a Trojan into the internal IT system – with highly unpleasant consequences. Emotet, for example – currently considered one of the most dangerous cyber threats in the world – enables a malicious program such as the ransomware Ryuk to be downloaded. This not only encrypts data, it also deletes additional security copies. It is not just money that motivates cheats to this kind of attack – often it’s about pure destruction. This can lead to financial losses or claims that arise through data loss, data manipulation or data protection infringement. Insurers have now addressed this problem by offering tailored cyber insurance for companies. Helvetia not only compensates for claims through cyber crime, it also supports companies with a dedicated network of experts and security training.
Experts estimate that currently 250 million different pieces of malicious software are active globally today. And every day they are joined by an estimated 300,000 new variants. Christoph Guntersweiler, Head of Technical Insurance at Helvetia: ‘Despite comprehensive organisational and technical security measures, it is very often humans who make the critical error.’ That’s why he believes that companies should confront this issue, continually and critically, and raise awareness of it among their employees. Conversely, it is ultimately people who see through an attacker and thus protect the company.
And last but not least – keep a critical eye open for emails that seem strange, and if necessary, ask the supposed sender. And that way, you can spoil the hackers’ fun.