Hollard warns never underestimate hacker power
Ryan van de Coolwijk, Hollard Broker Markets cyber product manager, Hollard Specialist Liabilities
|Issued by: Hollard|
[Johannesburg, 2 November 2016]
Cyber specialists and IT professionals are modern-day pioneers whose daily challenge is not to underestimate the threat from hackers to data – the bedrock of the modern commercial world.
It is the duty of the insurance industry to be up to date on hacking techniques and cyber crime trickery to make sure the companies under Hollard's protection are defended against cyber criminals to highest degree possible.
In addition to businesses, terrorists also welcome hacking and theft of national secrets. Global governments are realising they need to up their game and become united in the fight against terrorism and cyber crime. This has motivated agreements and calls to action by nations, which are hopefully moving the world towards proactively sharing threat intelligence and away from focusing on attacks on, and defence against, each other.
High-profile government hacking
There have been a number of eye-opening high-profile government spying and hacking incidents over the years, which highlight the potential power being used. These include:
* Edward Snowden's revelations about US National Security Agencies (NSA) PRISM programme. PRISM included spying on a number of governments, including German Chancellor Angela Merkel as well as allegations that, as part of PRISM, the NSA tapped directly into the servers of nine Internet firms, including Facebook, Google, Microsoft and Yahoo, to track online communication.
* There are also allegations around the British intelligence agency, the Government Communications Headquarters (GCHQ), tapping into fibre connections and monitoring communications, as well as having access to the NSA PRISM database.
* About a year ago, the GCHQ admitted for the first time, in a court case – as part of the Investigatory Powers Tribunal (IPT) – that it carries out computer network exploitation (CNE), commonly known to you and I as ‘hacking'. This happens both in the UK and other countries. (http://www.theguardian.com/uk-news/2015/dec/01/gchq-accused-of-persistent-illegal-hacking-at-security-tribunal)
The IPT was told that microphones and cameras on electronic devices can be remotely activated without owners' knowledge; photographs and personal documents copied; and locations discovered.
The tribunal was also told that Snowden's documents referred to GCHQ's CNE capabilities, including programmes called:
* Nosey Smurf: which involved implanting malware to activate the microphone on smartphones;
* Over a year ago, FireEye reported that, for more than a decade, a cyber operation, with likely ties to China, spied on Indian defence as well as business and media operations.
Awareness of possibilities
These incidents aren't shared to be a dramatic alarmist, but rather to show that the possibilities of the hacking in the cyber world are virtually limitless and should never be underestimated. Brokers would be doing their clients a service if they bring hacker power to their risk awareness. We may not be involved in, or exposed to, internationally explosive incidents, but the information and data we protect, as well as confidential meetings which take place, means the world to all our clients.
So the bottom line is not to underestimate the hacker risk and realise it may be necessary to call on professional assessment, if necessary. In our duty of financial protection through insurance, our experts and risk assessors at Hollard Insurance are on call to consult and examine the risks each operation faces because powerful and effective risk management is an essential ingredient in the recipe for success – and hacker power grows constantly.