Cyberattacks against businesses of all sizes are on the rise. While large enterprises often capture the headlines, small and midsize businesses are increasingly being targeted by cybercriminals. In fact, 61% of small and medium-sized businesses (SMBs) were hit with a cyberattack in 2021, with 82% of ransomware attacks targeting companies with under 1,000 employees, according to Verizon.
The financial impact of these attacks can be devastating for smaller companies. The average cost of a breach falls between $826 and $653,587 for SMBs. Yet only 17% of small businesses have cyber insurance, leaving them vulnerable to potentially business-ending losses.
With these numbers in mind, it’s important for businesses and business owners to understand how cyber insurance can help them recover from cyberattacks and keep their organizations afloat.
The Importance of Cyber Insurance: Case Studies
To illustrate how cyber insurance aids recovery after an attack, let’s look at several real-world case studies:
Construction Union Recovers $5.5 Million in Funds Transfer Fraud
A construction union fell victim to a phishing attack that enabled a threat actor to reroute a $6.4 million investment transfer to their own account. Upon discovering the fraud, the union called Coalition’s emergency claims hotline and engaged their incident response team.
Working with law enforcement, Coalition tracked the stolen funds to a Chinese bank account. They assisted the union in filing reports with the FBI and Hong Kong police, leading to the freezing and seizure of $5.5 million of the stolen money.
The union’s cyber insurance policy covered the remaining lost funds as well as the costs of the forensic investigation under their funds transfer fraud and breach response coverages. In just days, the union went from a $6.4 million loss down to around $500,000 out of pocket.
- Funds transfer fraud and breach response coverage enabled swift recovery of most of the stolen money.
- Partnership with Coalition’s incident response team and law enforcement led to the recovery of over 86% of stolen funds.
- The union was able to resume normal business operations quickly thanks to the support of their insurer.
Environmental Tech Company Targeted in Social Engineering Attack
After receiving suspicious text alerts, an environmental tech company called their bank to deny access to their account, only to be connected directly with a threat actor posing as the bank. While keeping the company on the line, a second threat actor impersonated an employee in a call with the real bank and obtained access.
Over two months, the attackers initiated five fraudulent wires totaling nearly $500,000. When the company contacted Coalition’s claims team, too much time had passed to recover the stolen funds. However, their cyber policy’s funds transfer fraud coverage reimbursed the company for the full loss amount.
- Social engineering tactics like impersonation enabled the attackers to bypass account security.
- Even though the stolen funds couldn’t be recovered, the company was reimbursed by their insurer.
- Funds transfer fraud coverage is essential due to the difficulty of retrieving wired funds.
UK Nonprofit Suffers Cryptojacking Attack
After noticing higher than normal utility bills, a UK nonprofit realized their systems had been compromised by cryptojackers who were using company resources to mine cryptocurrency.
The unauthorized activity had been occurring for two months by the time it was discovered. Their IT team had already removed the threat actor, but the damage was done.
Coalition’s claims team calculated the loss based on typical utility usage across billing cycles, settling on $48,084 in damages. After the nonprofit’s $25,000 self-insured retention, their policy’s service fraud coverage paid out nearly $24,000 to cover the losses from the cryptojacking.
- Unusually high utility bills triggered the discovery of the cryptojacking attack.
- Calculating damages required analysis of typical energy usage over time.
- Service fraud coverage reimbursed the nonprofit for costs incurred by the threat actor.
Ransomware Attack Disrupts Dental Company — Backups Save Data
A nationwide dental corporation suffered a ransomware attack impacting over 50 offices. Within 24 hours of discovering the attack, the company contacted Coalition and engaged breach counsel and an incident response firm.
Because each office maintained local backups, they were able to start restoring data quickly without paying ransom. However, the complicated restoration process across numerous locations caused around five days of business interruption, amounting to $430,624 in costs. Their cyber policy covered the damages after their $25,000 retention.
- Maintaining viable backups allowed recovery without paying the ransom.
- Even without data loss, business interruption costs from the attack were substantial.
- Cyber insurance covered significant business interruption costs that the company otherwise would have borne.
Compromised Backups Lead Manufacturer to Pay Ransom
A machinery manufacturer was hit by an advanced ransomware group that compromised their Veeam and Azure cloud backups. With only 75% of data recoverable from backups and concern about data leaks, the company negotiated the initial $1.5 million ransom down and paid it to regain access.
Their cyber policy covered the reduced ransom payment as well as the costs of Coalition’s incident response team, which aided the recovery. However, the attack left the company more vulnerable until the exact breach vector could be determined and secured.
- Backups being compromised led the company to pay ransom to resume operations.
- Cyber extortion coverage in their policy reimbursed the ransom payment.
- An unknown breach vector left the company open to potential repeat attacks.
Cyber Insurance Takeaways for Businesses
As these cases illustrate, cyber insurance can be invaluable in the aftermath of an attack by covering costs that could otherwise devastate a company. Here are key takeaways for businesses looking to be prepared:
- Have a plan in place for responding to an attack and engaging outside expertise. Timeliness is critical.
- Maintain reliable, air-gapped backups to avoid paying ransom and for quicker restoration.
- Evaluate all coverage options, such as breach response, funds transfer fraud, ransomware, business interruption, etc., to transfer risk.
- Partner with an insurer that provides not just a payout but also hands-on support.
- Implement robust security controls like multi-factor authentication, but don’t rely on them as a single layer of defense.
- Create and routinely test an incident response plan for scenarios like ransomware, DDoS attacks, data leaks, etc.
- Conduct cybersecurity training and testing to reduce risks like phishing and social engineering.
- Control access with least-privilege permissions and monitor for unauthorized usage patterns.
With attacks on the rise, cyber insurance is no longer just a nice-to-have but a necessity for business survival and continuity. Partnering with an insurer that offers holistic protections beyond just a check can help businesses better avoid and recover from inevitable attacks.
Get a Free Risk Assessment
KSA's partner, Coalition, offers a free cyber risk assessment, providing an overview of your risks and vulnerabilities. In addition to highlighting your vulnerabilities, the assessment includes a summary of recommended actions to help you mitigate your risk. Coalition also offers access to trained cybersecurity experts who can answer any questions you may have about the assessment or the recommendations you are provided.
Protect Your Business
Cyber insurance offers vital security to any firm. It’s time to protect your clients and yourself from cyberattacks. With years of knowledge and the know-how to walk you through the process of creating a policy that fits your needs, our staff at KSA Insurance can help.
Every business has unique vulnerabilities and cyberthreats. As a result, you require insurance that is unique to you. By leaving the protection to us, you can concentrate on what you do best, which is expanding your business. When you’re ready, get a free quote from us right now!