On 04 January, a leading provider of school websites was hit by a massive ransomware attack. The provider, Finalsite, manages content, communications, mobile apps and enrolment for over 8,000 schools. It was forced to take its services offline while it addressed the hack. Security staff first noticed the attack in certain corporate systems and quickly set to work restoring services and corporate networks. Most school services were restored within a week of the attack, and Finalsite has still found no evidence that customer data was stolen. This is the latest of many attacks on service providers, in turn disrupting the systems of thousands of customers.
The FBI’s Internet Crime Complaint Centre received 300,000 more reports in 2021 than in 2020. As if that wasn’t startling enough, the losses reported totalled more than $4 billion. To protect against losses, companies have relied on cyber insurance. However, with cyber attacks increasing in volume, cost and severity, many insurers have now altered – or completely removed – their coverage options. Insurers have become extremely risk-averse, with Lloyds of London one of many to recently reduce their cyber coverage. For those that do manage to find an insurer, there will be increased costs, less comprehensive coverage, and more burden of proof that any incidents were not the fault of the victim.
Microsoft has been the architect of its own issues over the last month, with two security patches causing more problems than they fixed. In one patch, users were able to bypass a previously closed flaw to elevate their access privileges. The flaw was discovered by a security researcher in late November. It applies to both Windows 10 and Windows 11 users, and Microsoft are aware of the ongoing issue, with an update in the pipeline to fix the weakness. By releasing the patch, Microsoft actually made Windows more open to attack – hopefully the next one will be more successful.
One of the world’s premier insurance companies, Lloyds of London, has announced that it will no longer pay out on damages from nation-state cyberattacks. Lloyds’ cyber insurance products used to cover most damages occurring from cyberattacks. In the announcement, Lloyds said that damages coming from “cyber war between two nations” would not be covered, although this left plenty open to interpretation. The decision comes after Lloyds had already increased cyber insurance premiums due to the ongoing ransomware wave, and is a signal that they may be expecting more in the future.
CS Energy, one of Australia’s largest energy producers, was the subject of a ransomware attack in late November. The exact target of the attack was its corporate networks, confirmed CEO Andrew Bills. Fortunately, CS Energy staff reacted quickly enough to prevent widespread damage – segregating affected networks to stop the spread of the attack further down the line. It also confirmed that energy production was not affected, and that it would be able to continue to supply customers as normal. This attack is the latest in a string of incidents targeting critical national infrastructure.
Companies that supply water across the USA are on red alert for a potential cyberattack. According to Jeh Charles Johnson, former US Secretary of Homeland Security, all companies should make preventing attacks their first priority – especially those that supply vital goods. Johnson cited the example of the Colonial Pipeline attack in May 2021. The hack caused widespread panic and confusion, and left millions on the east coast of the USA without fuel. Johnson warned that such far-reaching consequences make an exciting target for hackers, who may look to encourage ransom payments by causing as much damage as possible.
