In our last post, we explored InfoStealers —what they are, how they function, and who's most susceptible. If you're new to this threat, catch up here
The stakes of compromised data
For cyber insurers, especially focusing on commercial policyholders, understanding the value of compromised data is crucial. InfoStealers can be used to steal a broad spectrum of data, including critical credentials and authentication tokens. A breach could result in unauthorised access to a business's entire network and IT infrastructure.
Accessibility and threat level
InfoStealers are incredibly easy to obtain and utilise, requiring minimal technical expertise. They're readily available on the Dark Web, some even offered as a 'rental service,' mimicking a SaaS model. Due to their accessibility and potential to paralyse a business, they're often employed in ransom attacks.
Impact on claims
InfoStealers pose a significant threat to insurers, potentially resulting in hefty claims and heightened loss and burn ratios. The fallout for policyholders, both commercial and personal, can include:
- Substantial financial losses due to business disruptions
- Ransom payments
- Legal complications and costs from data breaches
- Considerable recovery expenses
Safeguarding Policyholders
Prevention remains the best defence against InfoStealers. Policyholders need robust protective measures such as antivirus software, thorough cyber education and multi-factor authentication (however, MFA fatigue attacks are often used to bypass this measure). Our consumer risk-management platforms are tailored to guide policyholders, utilising education, passive scans, and dark web monitoring to swiftly detect and address emerging threats. Due to the rising threat of InfoStealers, we are excited to announce that we are currently in the process of adding InfoStealer data as a new data source to our ever-growing Dark Web dataset - look out for our official announcement!
For extra peace of mind, we also offer a multilingual cyber support helpline 24/7/365 to provide instant support to policyholders concerned about phishing attempts or unwanted downloads.
Finally, we also work closely with insurers, reinsurers, and MGAs who utilise our tool, Breach Check, for proactive cyber risk monitoring. With Breach Check, you can promptly assess your book of policyholders for cyber risks, potentially predicting attacks well in advance. This proactive approach empowers policyholders to mitigate cyber risks, reducing potential insurance claims.
For insights on enhancing loss ratios and reducing risk, contact our sales team at sales@dynarisk.com.