Beware of “BazarCall” Ransomware Attack Method

Posted on August 31, 2022 by Marijana Dabic

The new attack method has been growing in use among well-known ransomware groups and was responsible for 10% of malware incidents last quarter.

What is it?

BazarCall is a new attack methodology, known as a T.O.A.D (telephone-oriented attack delivery), which utilizes a phishing email to trick the victim into phoning a call centre – rather than clicking a link – and instructs them to download malicious file which infects their computers. By doing so, the BazarCall attack subverts common cyber security controls and allows the hacker to carry out a ransomware attack undetected.

The phishing emails usually refer to a subscription, for instance an antivirus software, which the victim never requested. The phishing email falsely claims that the only way to cancel this fake subscription is to phone the call centre.

From there, the hacker verbally guides the victim through the process of downloading a malicious Excel file with macros and then enabling those macros, which in turn infects the computer with malware.

Why is it critical?

Because the BazarCall method doesn’t require the user to click a link (as you would expect in a normal phishing email) common cyber security tools like email security filters can’t detect it. The method also subverts security controls because the user is downloading the malware themselves, unlike some more typical cyber attacks where the hacker must first penetrate the network.

Workplace security awareness education about phishing emails and social engineering doesn’t often include warnings for telephone-oriented attacks, which makes this attack more lucrative for hackers and more challenging for businesses.

What has CFC seen?

In early 2022, CFC’s cyber threat analysis team, which is responsible for analyzing and responding to cyber threats on behalf of CFC’s cyber insurance clients, first observed an increase in adoption of this technique by a variety of well-known ransomware groups.

In response, CFC analyzed its cyber customer base and found that BazarCall accounted for 10% of successful malware infections detected across its cyber portfolio in the last three months.

However, by intervening quickly, to date CFC has detected and removed every case of this malware within its impacted customers, at no cost to them. This intervention can happen at three stages:

By identifying whether a specific victim has received the phishing email, but not called the phone number
Whether they’ve called the phone number within the email
Whether they’ve installed the malware

How to mitigate

In order to protect your business from such attacks it’s important you’re implementing the following:

Keep all software and firmware up to date: Every device needs antivirus software. If an employee downloads a malicious application like the one from Bazarcall, or if an application becomes infected, antivirus software along with modern, up-to-date firewalls will help to secure the device and remove the infection.
Implement multi-factor authentication (MFA) on all remote connections: MFA can help reduce the amount of lateral movement and privilege escalation hackers can achieve within your systems. Even if your password is in the hands of the criminal, it is unlikely they will have your other forms of verification too. For more on MFA best practices, read our cyber tips piece on multi-factor authentication.
Employee security awareness training: The majority of cyber attacks are the result of human error, particularly employees who inadvertently click on malicious links or fall victim to social engineering attacks like BazarCall. Carry out regular security awareness training with your employees and ensure it covers all types of social engineering attacks.

For other ways to keep your employees safe read our article, Staying Safe Online.

Source: www.cfcunderwriting.com

Media Insurance Myths Debunked

Posted on July 29, 2022 by Marijana Dabic

Media liability insurance protects businesses against lawsuits brought against them for defamation, intellectual property infringement and breach of confidentiality. Insurance is imperative to cover these wide range of common risks in the media and entertainment industry.

My general liability policy will cover me for media liability claims
The majority of general liability (GL) policies will contain a specific exclusion for defamation and intellectual property (IP) infringement. A typical GL policy will cover bodily injury or property damage due to the insured’s alleged negligence, not for claims arising out of the content they create or disseminate. CFC’s media liability policy offers defamation and IP protection for content creators.

Only commercial entities have an exposure to media liability claims
Any individual with a public profile creating and/or posting content in the public domain has an exposure to defamation, IP infringement and breach of confidentiality. The news is full of examples of celebrities and high-profile individuals being sued for what they say online. CFC’s media liability policy offers protection against all of these exposures.

It’s impossible for us to be infringing on anyone’s IP when we came up with the original idea
It may be true that a business developed an idea from scratch, however, many projects include the use of third party owned IP, such as music or photographs. If you don’t have robust procedures for licensing in content, or even inadvertently make an error with the license owner or fees payable, you could be infringing on IP. Even when third party owned content is not used, it is extremely difficult to comprehensively guarantee your artwork or project is not infringing on another’s IP. CFC’s claims team have extensive experience in handling such IP issues, providing you with peace of mind in the event of a claim.

I have a longstanding relationship with my clients so they won’t sue me if I miss a deadline or cause a copyright infringement issue
Unfortunately, a longstanding relationship does not stop clients from bringing lawsuits against you, especially if they are being sued themselves by a third party for an infringement or defamation issue because you have created the content in question. It is important to protect yourself against both breach of contract, issues as well as media liability claims.

I would never breach an NDA so I don’t have to worry about having a breach of confidence claim or invasion of privacy claim brought against me
An inadvertent verbal slip to someone, a publication catching wind of your work, or accidentally exposing sources can all lead to claims. Particularly for publishing or broadcasting companies, portraying a source or subject in a way that person is offended by could land you in litigation. CFC’s media liability policy does not sub-limit defense costs, and options are available for costs in addition coverage

CFC’s media liability policy offers relevant cover for businesses and individual operating in the media and entertainment industry. Cover includes IP infringement and defamation, breach of contract, contingent bodily injury or property damage and sub contractors’ vicarious liability. CFC can also package cyber liability and commercial general liability into their media package to provide a comprehensive solution. Make sure your clients have the right cover in place!

Source: www.cfcunderwriting.com

Strategies for Navigating a Hard Market

Posted on June 24, 2022 by Marijana Dabic

In the insurance industry, the term “hard market” describes the market cycle, when premiums increase, coverage and capacity for many types of insurance decreases. A hard market can be caused by a number of factors, including:

falling investment returns for insurers
increases in frequency or severity of losses
and regulatory intervention deemed to be against the interests of insurers

IRMI Research Analysts have been tracking the ebbs and flows of the market cycle for more than 30 years. What are the trends?

We had an extremely hard market in the mid-1980s that moderated into an extended soft market in 1987 that lasted to 2000 and then turned to a full-fledged hard market following the terrorist attack in September 2001. Improved insurance results and financial performance resulted in a return to a soft market in 2004 that bottomed out in 2013 and remained relatively stable through 2018. In 2019, we entered the current hard market, and it is the toughest market buyers have seen since the mid-1980s.

As you can see, for the past 3 decades, the industry has experienced extended soft markets lasting roughly 10 years followed by hard markets with durations of about 3 years. If this cycle holds true, the market should begin to soften sometime in 2022 or 2023. Only time will tell when it will actually occur.

In the September 2021 issue of The Risk Report, we reported that, while brokers do see signs that price increases are beginning to level off for some lines of insurance and customer segments, the global market continues to harden for most lines and regions. Our message to risk managers is that 2022 will present another challenging renewal cycle and you should be investing in your risk management programs.

IRMI has compiled a checklist of 16 proactive strategies you can put into action to help mitigate the effects of a hard market. Implement these best practices at your company—or share
them with your clients—to present your organization to insurers in the most favorable light possible, and anticipate and plan for possible setbacks in coverage terms, limits, deductibles, and pricing.

Please click here to access the checklist.

Source: www.irmi.com

Life Science Myths Debunked

Posted on May 30, 2022 by Marijana Dabic

With constant developments in medical devices and research and development (R&D), it is imperative companies operating in this sector have insurance to cover the wide range of risks they are exposed to.

We have discussed with our life science team what some of the most common myths surrounding insurance for R&D, medical devices and dietary supplements and how you can respond to them.

Companies providing clinical trial services need clinical trial insurance

CFC’s clinical trial insuring clause is designed to cover bodily injury to a research subject from the trial’s investigational product, when the researcher is the sponsor of the clinical trial. This typically means they have developed the product. If the applicant is a service provider and a clinical trial sponsor, CFC can offer this coverage.Companies paid a fee in exchange for services provided to the clinical trial sponsor require professional liability insurance. This is available under CFC’s life science wording with the clinical trial insuring clause designed to cover bodily injury from the trial’s investigational product when the insured is the sponsor of the clinical trial.

Wholesalers and distributors have no product liability exposure

Wholesalers and distributors of medical devices, nutraceuticals and pharmaceuticals can often pass back product liability claims to the manufacturers of those products. Unfortunately, there will always be a contingent product liability exposure. The manufacturer could purchase lower limits than the distributor, or their policy might be with a poorly rated insurance company. In these situations, where the manufacturer’s policy was assumed to provide cover, the wholesaler or distributor’s policy would step in to pay claims.Rights of recourse are important from an insurance perspective. If a company outsources its manufacturing to, or imports its products from, territories with lower manufacturing standards, or in which lower limits of insurance a purchased; the company may struggle to enforce the third party to accept its legal liabilities and responsibilities in a contract.In addition, manufacturers may be based in a different country to the wholesaler or distributor.

We’re not a technology company, so we don’t have a cyber exposure

Every company who uses technology or the internet could be exposed to cyber-attacks. The life science industry relies on data to function, whether it’s a biotech performing research into a novel pharmaceutical or a CRO that holds data for the clinical trials they manage. A cyber-attack could exfiltrate business critical data, leading to delays in life saving trials or the cause of business interruption, preventing a biotech from moving to the next stage of research.A ransomware attack on a manufacturer could take over their computer systems and stop their production lines. This would result in costs for ransom payments to get the systems up and running again. This would also cause business interruption costs since the insured would be behind on their production schedule and potentially liable of costs to their clients for breaching their contracts. Similarly, an online retailer who relies solely on their website could be severely affected by a cyber-attack. This could cause them a large loss of sales and business interruption costs. The company may also suffer reputational damage and may incur heavy notification costs alongside potential compensation costs if customers data was leaked.In the event of a cyber event, CFC’s policy will cover breach notification costs, rectification costs in the event systems are damage, loss of income following an interruption to business activities caused by system downtime or as a direct result of the loss of current or future customers caused by damage to your reputation.

A clinical research organization only requires medical professional liability

Medical professional liability will help to protect the insured against negligence in the scope of rendering or failing to render healthcare related services which result in a bodily injury but does provide protection against third party financial loss claims which include allegations of negligence in the providing of professional services.At CFC, their policy can protect the research organization against both financial and medical professional loss.

We are private company we do not need directors & officers insurance

Many individuals believe that because a company is private that their liability is limited. However, the limited liability only protects the shareholders to the extent of their investments. This does not reflect on the directors or officers of a company whose liability is unlimited. Therefore, if they do not have D&O insurance and the company is unable or unwilling to protect them, the directors and officers will have to support their own defense.

Source: www.cfcunderwriting.com

Licensing Liability Risks

Posted on April 29, 2022 by Marijana Dabic

Many businesses such as food companies, manufacturers, fashion firms use third party intellectual property (IP) provided to them by way of a license agreement.

CFC specialist product provides protection for unintentional breaches of this agreement. Check out some of our recent risks in this area.

Celebrity endorsement deal

A drinks company had an endorsement agreement with a renowned music artist with the intention that the artist would promote and market the drinks on the artist’s social media platforms, as well as at concerts and events. The agreement required the artist to purchase insurance for breach of contract, as well as IP infringement and breach of confidentiality. The artist had media liability insurance for their music but didn’t have anything in place for the endorsement agreement.

CFC’s license agreement liability policy provided a solution for this, specific to the drink’s company’s contract.

Merchandise license agreement

A manufacturer of collectibles had an agreement with a major toy company to use popular imagery on some merchandise. The manufacturer carried a small errors and omissions sub-limit on their package policy, but their policy’s $250k sub-limit for IP infringement did not meet the toy company’s requirements for a $2m limit, and the existing insurer had no capacity to increase it.

CFC were able to write a contract specific policy which met the toy company’s requirements, enabling the manufacturer to sign the agreement and earn profit from the merchandise sales.

Brand sponsorship of events

A car company and a credit card company sponsor a popular food festival in the USA. As part of their agreement with the festival organizer, they license the use of their logos, trademarks and promotional videos to the festival for a short period of time. As licensors, they are concerned with the protection of their IP and trademarks and request the licensee to purchase IP infringement cover, as well as breach of the sponsorship agreement, so they insert a $5m insurance requirement into the agreement.

The festival organizer was able to purchase cover from CFC for both sponsorship agreements under a single policy.

Naming rights

A cryptocurrency exchange wanted to become sponsors of their local basketball team in the USA to show their support and increase the visibility of their brand. The sponsorship involved a change in name of the basketball arena that the team trained in. Originally it was named after the previous sponsor, an airline, but it would now be changed to the name of the cryptocurrency exchange.

The contractual agreement presented an IP exposure that the sponsored party did not have cover for, since they were granted rights to use players’ images and team logos in their own advertising, CFC’s license agreement liability policy was able to satisfy this need.

Source: www.cfcunderwriting.com