Cyber News Roundup: My kingdom for cyber insurance

Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

Much of the coverage about cyberattacks has tended to focus on the impact of data breaches on individuals. But it’s important to note that these attacks end up costing companies a pretty penny as well. According to the latest data from Kaspersky, the average cyber incident cost enterprises $1.23 million, a 24 percent increase over the preceding year based on research from March 2017-February 2018.

The changing landscape of cyberattacks has led to a growth in the number of cyber insurance programs. Endpoint security companies including SentinelOne and CrowdStrike are offering ransomware cyber guarantee programs that, in Sentinel One’s case, offer up to $1 million per company or $1,000 per endpoint. While that may seem like a lot of money, consider that Equifax’s much publicized security breach cost the company over $240 million.

According to CIO Dive, growth in warranty programs will go hand-in-hand with the cyber insurance market, in which stand-alone and package premiums grew 54 percent in 2017 to $2 billion, according to Insurance Journal. The market is expect to grow rapidly over the next few years, reaching $14 billion by 2022, according to Allied Market Research.

“The announcement of another company launching a warranty program demonstrates that customers are placing new demands and vendors are responding, with interest between the two parties coming closer in alignment,” said Jeremiah Grossman, current adviser and former chief of security at SentinelOne.

Where’s my DNA?

Equifax, Target and Sony are just some of the more famous security breaches that have occurred in the past few years. The latest comes from MyHeritage, the ancestry website that helps customers trace their family history. As discussed in the Seattle Times, MyHeritage recently disclosed that every customer email address and password appeared on a private server. That’s roughly 92 million accounts.

Fortunately, customer data like DNA information is stored elsewhere so there wasn’t any sensitive information that was stolen. While the security breach occurred on October 26, 2017, the company did not learn of the stolen information until seven months later.

Let’s go to ssler

Not to be the bearer of more bad news but, according to the Cisco Systems’ Talos threat intelligence unit, the VPNFilter malware that hit routers and NAS devices worldwide back in 2016 is worse than originally thought. Not only have researchers identified more products that have been impacted, they found “additional third-stage modules, one of which is capable of compromising not just the networking devices, but also the endpoints connected to them,” according to SC Magazine. The report highlights two new stage-three modules: ssler and dstr.

As noted in reporter Bradley Barth’s article, “VPNFilter malware affects even more network devices, can deliver exploits to endpoints,” the ssler module is capable of exfiltrating data, as well as injecting malicious JavaScript into web traffic intercepted from network devices, while dstr adds a “kill” function which is capable of bricking devices to any stage-two VPNFilter module that didn’t already come with this power.

Partner blog of interest