General Insurance Article - Cloud based office solutions under increasing cyber attack

 More and more organizations are turning to cloud-based solutions but, when a business email account is hacked, they find that the system’s default settings are inadequate to show the extent to which emails have been compromised.

 These incidents are usually caused by an employee clicking on a link in a phishing email, HelpDesk message, or Microsoft survey.

 After clicking on the link, the employee is redirected to a legitimate-looking website and asked for email credentials. This provides genuine credentials to the cyber-criminal who can then log into the account undetected. Once in the chain of communication, the cyber-criminal can provide fraudulent instructions to divert and steal payments made by or to the organization, or access personally identifiable information.

 The compromised credentials may also allow the cybercriminal to access other data and, if the organization uses cloud-based OneDrive storage, the cybercriminal will have access to all files the employee can access.

 Katherine Keefe, global head of Beazley Breach Response Services, said: “The number of compromised email accounts is accelerating but simple steps such as frequently changing passwords, having dual-factor authentication and removing auto-forwarding or auto-delete rules can help reduce vulnerabilities. With privacy regulations becoming more stringent and the public demanding greater accountability for their personal data, it is more important than ever for organizations to secure their lines of defense.”

 The full Beazley Breach Insights report for the 1st Quarter 2018 can be accessed here