If the last year has taught us anything, it’s that tragedy and turmoil can strike in unsuspecting ways. Although the pandemic has caused slowdowns in many aspects of business, cyber crime is not one of them. In fact, cyber security incidents have increased: The FBI reports as many as 4,000 new attacks every day.
Cyber terrorism a growing concern as hackers take advantage of these complicated times and growing tensions. But what is cyber terrorism? And how is the shift to remote workforces forcing a reevaluation of approaches to information technology and cyber security?
What is Cyber Terrorism?
While we’ve become used to hearing about cyber attacks, cyber terrorism instills a different type of worry. Computer hackers have long worked to gain access to classified information for financial gain, meaning terrorists could do the same. Terrorists, both international and domestic, commit violent criminal acts to further their ideological goals.
The threat of cyber terrorism is not new. Our heightened reliance on technology in the wake of a difficult year has increased concerns, though. And it’s not just about government agencies concerned about national security. Hacker groups and terrorist organizations go after the critical infrastructure of businesses as well, to bring havoc and destruction upon their targets.
Now, you may be thinking, “What is an example of cyber terrorism that could affect my clients’ business?” Often, businesses affected by cyber terrorism are collateral damage in attacks against government agencies like the Department of Defense. A terrorist group may launch an attack that inadvertently damages a network or interrupts their business.
However, there are times when cyber terror attacks target a specific company. The Sony data breach of 2014, widely attributed to North Korea, is an example of such an attack. In other cases, nation-state computer hackers develop tools that attack vulnerabilities within their targets, such as the Department of Defense, but the attack gets away from them. This is believed to be the cause of a 2017 attack that brought down the network at drugmaker Merck and cost $840 million in losses—and disrupted production of critical vaccines.
That same NotPetya attack in 2017 also brought operations at food manufacturer Mondelez to a halt. Mondelez, which owns brands like Cadbury and Philadelphia Cream Cheese, lost more than $100 million when the software that tracks invoices and shipments crashed, employees couldn’t access the network, and computers needed to be replaced.
What made the losses even more painful, beyond the fact that Mondelez wasn’t even the actual target of the attack, was that the company’s insurer refused to pay the claim for the losses. Their reasoning? Mondelez was an unwitting victim in a cyberwar, which triggered their insurance policy’s “war exclusion” clause. Had the company had a standalone cyber insurance policy, though, their claim would have been paid, and the bottom line would not have taken the hit.
How Could Your Clients Be Affected?
Your clients have likely heard these stories as well as other reports of cyber threats like data breaches, malicious code attacks, denial of service attacks, and ransomware demands. With so many threats, they may be wondering “What is cyber terrorism going to do to my business? And can we survive an attack?”
Your clients could face the effects of a cyber-terrorist attack in many ways. Whether terrorist organizations attack your clients’ computer systems directly, or one of your clients’ third-party vendors, a terrorist attack could do considerable damage. What if their cloud service provider loses all stored data? Or, the funds are drained from their bank?
Recent large-scale attacks on local infrastructure have required both the National Guard and Federal Bureau of Investigation (FBI) involvement. What about attacks on basic services like water, electricity, and emergency communication channels? Should these services be down, could your clients conduct business? Probably not.
How to Defend Against Cyber Terrorism: Five Steps Your Clients Can Take
Your clients do not have to lose their business due to the actions of a cyber terrorist. Combatting cyber terrorism is an ongoing process, complicated by the ever-changing nature of the threat landscape. But you can help them take steps to protect themselves now:
- Use Strong Passwords
With software that can guess thousands of passwords in seconds, a complicated password is a strong password. Follow password best practices, change them regularly, and prohibit using the same password for multiple logins.
- Follow Cyber Security News
- Create a Culture of Cyber Awareness
All employees should be actively engaged in cyber-security education and attend regular, updated training. Stress the importance of staying vigilant and be on the lookout for anything suspicious.
- Vet All Third-Party Vendors
Your clients’ cyber-security posture is only as strong as their third-party vendors. Clients’ should demand transparency from vendors regarding cyber-security practices before signing contracts or conducting any business.
- Get Protected With a Cyber Insurance Policy
With a cyber insurance policy, your clients will know they have the protection they need to survive a cyber attack and even a potential cyber terrorism attack, including:
- IT forensic costs
- Notification costs
- Credit protection costs
- Crisis management costs
- Crime and social engineering
- Breach of Personally Identifiable Information (PII) and resulting third-party claims
- Multi-media coverage
- Cyber extortion
- Cyber business interruption
- Digital asset damage
Get Started with ProWriters
With over twenty years of industry experience, ProWriters is a leader in helping brokers find their clients the cyber terrorism protection they need and deserve.
For more resources and information on how to defend against cyber terrorism, download our FREE eBook, Ransomware: The Front Lines to understand what makes these attacks so dangerous and what your clients can do to avoid them.
Contact a ProWriters expert to get started today, or call us at 484-321-2335 with any questions.