Page 21 - Logistics News - December 2021
P. 21
C YB E R SE CUR I T Y
also provide a range of support services. doubled over the past year, increasing from $761,106 to
From single to double to triple extortion. ‘Double $1.85 million in 2021. This surge has triggered a major
extortion’ tactics are on the rise. Criminals combine the shift in the cyber insurance market. Cyber insurance rates
initial encryption of data or systems, or increasingly even have been rising, while capacity has tightened. “Companies
their back-ups, with a secondary form of extortion, such as need to invest in cyber security. Losses can be avoided
the threat to release sensitive or personal data. In such a if organisations follow best practices,” explains Marek
scenario, affected companies have to manage the possibility Stanislawski, Global Cyber Underwriting Lead at AGCS.
of both a major business interruption and a data breach
event, which can significantly increase the final cost of the To pay or not to pay
incident. ‘Triple extortion’ incidents can combine DDoS Ransom payment is a controversial topic. Law enforcement
attacks, file encryption and data theft – and don’t just agencies typically advise against paying extortion demands
target one company, but potentially also its customers and to avoid further incentivising attacks. Even when a
business partners. company decides to pay a ransom, the damage may have
Supply chain attacks. There are two main types – those already been done. Restoring systems and enabling the
that target software/IT service providers and use them to recovery of the business is a huge undertaking, even when
spread the malware, or those that target physical supply a company has the decryption key.
chains or critical infrastructure. Service providers are likely
to become prime targets as they often supply hundreds IT security best practices
or thousands of businesses with software solutions and “In around 80 percent of ransomware incidents,
therefore offer criminals the chance of a higher pay-out. losses could have been avoided if the organisation had
Ransom dynamics. Ransom demands have rocketed over followed best practices. Regular patching, multi-factor
the past 18 months. According to Palo Alto Networks, the authentication as well as information security and
average extortion demand in the US was $5.3 million in awareness training and incident response planning are
the first half of 2021, a 518 percent increase on the 2020 essential to avoiding ransomware attacks. Numerous
average. security gaps can be closed, often with simple measures,”
says Rishi Baviskar, Global Cyber Experts Leader at AGCS
Business losses Risk Consulting.
Business interruption and restoration costs are the biggest
losses due to cyber attacks, according to AGCS’s claims In the event of an attack, cyber insurance coverage
analysis. They account for over 50 percent of the value has evolved to provide emergency incident response
of close to 3,000 insurance industry cyber claims worth services that typically include access to a professional
around $885 million it has been involved in over six years. crisis manager, IT forensic support and legal advisory. L O GI S T I CS NEWS
Further offerings include IT security training for employees
The average total cost of recovery and downtime – on and assistance with the development of a cyber crisis
average 23 days – from a ransomware attack more than management plan. •
www .l o g ist i csn e w s .c o .z a NO V E MB E R/D E C E MB E R 2021 19
