With the pandemic affecting the businesses, the cybersecurity picturesque has swiftly paced up. The major tech force across the globe is working from home and will continue to do so globally. This invites new cyber threats that we did not even foresee earlier. The existing cyber threats will continue to thrive and find more loopholes to pierce into larger systems in banking and insurance (not restricted to fintech or insurtech alone though). However, attackers will constantly look for new ways and strategies to exploit businesses.
IoT based attacks are on the rise where hackers use the IoT devices used for smart homes as their tool to exploit. Most of the devices come with default passwords and consumers don’t care to change them. A recent demonstration of such attack was carried out recently in a LIVE conference where an “automated coffee maker” was hacked to brew coffee without the user knowing it. This can be avoided by simply changing default passwords the simplest way to cut the threat. However, the hardware exposed to public, e.g. CCTV and remote site monitoring systems, can still be hacked into by resetting hardware.
Blockchains need miners who can mine Cryptocurrencies like bitcoin. Mining simply put, is a process where you solve a complex puzzle to verify a transaction and add it to the chain. This needs high-end GPUs which are expensive and consume too much power. Hackers, to mine crypto currencies, hack into personal or company systems and use the GPUs without the companies knowing it. Installing anti crypto mining systems eliminates such hacks on all computing systems of a company.
The biggest attacks are caused by employees; the insider threat persists from generations. Especially in work from home environment where tracking is limited there is a high probability of leaking critical information and modus operandi of any organization. E.g. Access to Microsoft teams on phone, on the web app the recording can be restricted with permissions given to the app, but an android phone can record the entire screen without the company knowing it causing huge data loss.
Lastly the use of AI, the most lethal attacks are and will be carried out using AI engines. Hackers embed code in must-have applications and don’t exploit the systems for a longer period till the number of users are high. Once such numbers reach a substantial count the attacks are carried out. E.g. Task rabbit was hacked compromising data of 3.7 million users and the hackers are still at large.
The AI engines stay quiet and keep tracking the moves of the entire organization and learn the patterns and behavior of the entire organization. Some of the moves include patch update lifecycle, computation environment, communication protocols, and the time of day when systems are least protected.
While these threats are emerging and you should keep a close eye for them, it is crucial to ensure that your avail cyber insurance coverage
against the existing set of cyber attacks that are prevalent.
“If it’s connected to a computer it can be hacked.”
Expert Article by
K V Dipu
Head – Operations & Customer Service
Bajaj Allianz General Insurance
*Disclaimer: The views & opinions expressed in this article belong solely to the author & not necessarily to the author’s employer, organization, committee or any other group or individual.