Cyber_Bytes - Issue 38
We are back following a short seasonal break and hope you enjoy this latest edition of Cyber_Bytes, our bi-weekly roundup of key developments in cyber, tech and evolving risks.
RPC Annual Insurance Review 2022This review discusses the events that shaped the insurance market in 2021 and what we can expect in 2022.
In particular, we would like to draw your attention to the chapters on Cyber (chapter 44) and Technology (chapter 86).
Our Cyber chapter discusses the hotly anticipated Supreme Court judgment of Lloyd v Google which was released on 10 November 2021. It also considers how the cyber insurance market is likely to adapt over the next year, including the likely increase in standalone cyber insurance products and a continued hardening of the cyber insurance market.
Our Technology chapter discusses the development of AI in 2021, particularly in its use of ensuring a safe cyber environment. It also takes a look at the development of quantum computing and quantum-safe cryptography that we can expect to see in 2022.
Wider topics covered in the review include COVID-19, political unrest, global supply chain and labour issues, Brexit and ESG.
Click here to access the Review.
REvil ransomware gang arrested in Russia
One of the most prolific ransomware gangs, REvil, is reported to have been dismantled. Russian authorities charged several of its members and seized the gang's criminal proceeds.
This comes after the United States put forward a reward of up to $10 million for information on the gang members following a series of damaging ransomware attacks.
This sends a clear message to Russian cyber-crime gangs with the aim of stemming the wave of attacks. However, the fact that it was Russian authorities that took down the group has come as a surprise to many, given the previous tensions and poor relationship between Russia and the United States in terms of cyber-crime and cyber-relations.
Click here to read a BBC article which contains more detail.
Why tougher cyber insurance rules could be a game changer
Given the significant increase in the number of ransomware attacks being carried out by cybercriminals, the requirement for companies to obtain cyber insurance has never been more important.
Recent increases in ransomware attacks will ultimately mean that cyber insurance is likely to become more expensive for companies to obtain. However, the benefits of having cyber insurance cannot be underestimated.
In order to minimise risk, cyber insurers are conducting due diligence on companies more frequently. Doing so ensures that key risks and threats within a company' security are identified and managed early on. Many cyber insurers also offer pre-breach security support in a bid to reduce the chances of an attack. This can reduce the risk for insurers and will also add value for companies, especially those who may not have adequate security measures in place.
Click here to read an article from SC Media with more detail.
NATO offers tech support after 'massive cyber attack' hits Ukraine
Ukraine has recently been subject to a major cyber-attack which saw multiple government websites being taken offline. Given the significance of the attack, NATO pledged to support Ukraine by signing an enhanced cyber security arrangement.
During the attack, hackers posted threatening messages on the affected Ukrainian government websites. The messages were partly written in Polish and referred to controversial events in Ukraine's history over its relationship with Poland. A review of the messages written in Polish revealed clear mistakes in the text, prompting many to speculate that this was an attempt to try and deflect responsibility for the attack on to Polish hackers.
Given the tense negotiations between Russia, the US and NATO over Russia's build-up of troops on the Ukrainian border, many Ukrainians suspect Russia to be behind the attack.
Click here to read an article in Computer Weekly on this.
National Cyber Strategy will improve skills and build resilience
The UK government has promised to expand and enhance cyber skills across the UK through adopting a new National Cyber Strategy and increasing investment in the National Cyber Force. The introduction of this new strategy is aimed at advancing the UK's national interests in the cyberspace, thus strengthening its defensive and offensive capabilities through the building of technical expertise. It is hoped that this should also reduce the UK's reliance on suppliers from other countries who do not necessarily share the same values.
Click here to read an article from the Evening Standard with more detail.