3 March 2020

From Virus to Virus: Fears over COVID-19 Can Get Your Clients Hacked

It’s natural to seek clarity when a fast-evolving event is unfolding. All the better if the clarifying information comes from an authoritative source, like a government agency. Unfortunately, cybercriminals have recognized that intuition and used it to their advantage in recent weeks.

It’s estimated that 91% of ransomware attacks begin with an intrusion through phishing, the most common form of social engineering. For an attack type that is based on exploiting human curiosity — victims have to want to see what is in the hyperlink or file attachment in order for a phishing attack to work — a major event like the COVID-19 (“Coronavirus”) outbreak is a tactical gift to criminals.

To wit: on Saturday, the World Health Organization updated its warning against phishing activity related to COVID-19, saying that phishing emails from hackers purporting to be representatives of the WHO itself have been reported. Wired also reported an example of an email claiming to be from an expert offering guidance on “Corona Virus Safety Measures”.  And earlier, Kaspersky reported an example of an email purporting to be a “Health Alert” from the Centers for Disease Control (CDC). 

So far, no reports have indicated that actual ransomware attacks have taken place as a result of these specific tactics. Then again, ransomware events are often not reported in the media or even to the government except in certain situations or in specific U.S. states where disclosures are required. 

What brokers should know about phishing risks in a crisis

For insurance brokers, helping clients to understand how much of a risk phishing poses to their businesses has been a key part of conversations around cyber risk transfer and mitigation for years now. Events like the virus outbreak taking place now only serve to heighten awareness and activity around these “people risks” even further.  

The best case for an organization is to avoid attacks altogether through constant vigilance, combining training and education for employees on how to spot a phishing attempt with software and hardware solutions that further reduce the chance that a phishing email even gets to an inbox. An analysis by the Corvus Data Science team found that the use of email scanning and filtering tools correlated with a 33% reduction in the likelihood of being the victim of a ransomware event.  

From an insurance perspective, clients worried about these risks will want to hear about how a policy can help them achieve the preventative measures described above, as well as how it will respond in the event of an attack. Explaining the value-added services around phishing education and preparation, as well as the pre- and post-breach response services, is a natural starting point. Then, explain the coverages of the policy in the context of the kinds of attacks that are enabled by phishing, like ransomware — coverages for things like business interruption, ransom payments, and replacement of devices.

You can learn more about the threats of ransomware in some of our recent content.

Mike Karbassi

Mike Karbassi is Vice President and Head of Cyber Underwriting at Corvus. He specializes in Network Security, Privacy Liability, Technology E&O, Media Liability, and Miscellaneous Professional Liability. Karbassi has over a decade of experience in insurance and is a graduate of the Boston University Questrom School of Business.

Gerritt Graham

Gerritt is the Chief Commercial Officer at Corvus. He has over 20 years of sales and marketing experience, primarily focused on technology and data solutions for the financial services industry.

James McElhiney

James co-founded Corvus and is the company’s Chief Technology Officer. A 30+ year technology veteran, Jaimie most recently served as CTO of Iora Health and previously co-founded Gazelle.

Mike Lloyd

Mike Lloyd is the Co-Founder and Chief Product Officer of Corvus Insurance. Previously, Mike co-founded Poncho, a personal lines agency InsurTech startup, and was a venture investor at FJ Labs. Mike has an MBA from Harvard Business School and engineering degrees from Virginia Military Institute and MIT.

Phil Edmundson

Phil is the founder and CEO of Corvus. A 30+ year insurance veteran, Phil co-founded broker William Gallagher Associates (acquired by Arthur J Gallagher in 2015) and was an active leader in both the Worldwide Broker Network and Council of Insurance Agents and Brokers. Phil is the Managing Partner of Edmus Ventures where he invests in InsurTech companies including Verifly, Wellthie, Agentero, and Cover Wallet, and serves on the board of Cover Wallet.
