Insurance Companies Once Again Drive Cybercrime Headlines Financials Sector For the March 2015 Period Copyright © 2015 SurfWatch Labs, Inc. All rights reserved
Insurance Companies Once Again Drive Cybercrime Headlines
Financials Sector
For the March 2015 Period
Copyright2015SurfWatchLabs,Inc.Allrightsreserved
Cyber Risk Landscape in Financials - March 2015 InMarch2015theFinancialssectorsawaboveaveragecyberrisk,withanoverallSurfWatchLabsriskscorethatwas9%higherthanthesectorssixmonthaverage.ThatcontinuesthetrendofFinancialshavingaboveaverageriskeverymonthsofarin2015.FebruarysawthemassivebreachathealthinsurerAnthemdrivingmuchofthecybercrimediscussion,andMarchsawanotherroundofhealthinsurancebreachesgettingwidespreadheadlines.The11millionpeoplewhohadtheirinformationexposedatPremeraBlueCrosswasthemostdiscussedcyberrelatedincidentacrossallsectors,appearinginnearly11%ofallthenegativeCyberFactscollectedbySurfWatchLabslastmonth.WhenlookingatthenegativecyberdiscussionjustintheFinancialssector,thePremeraBlueCrossbreachdominatedtheheadlines,appearinginnearly62%ofthesectorsCyberFactscollectedbySurfWatchLabs.Clearly,recentmonthshavebeendrivenlargelybymajor,highprofilebreaches.Overall,Financialswasthesecondmostdiscussedindustrysectorinregardstocybercrime,getting18%ofthediscussionbehindonlyInformationTechnology.Forcomparison,inthefewmonthsbeforethelargeinsurancebreachesmadewavesthesectoronlyreceivedbetween2%and7%ofthediscussion.TheAnthembreach,thougholder,isstillgeneratingasignificantamountofattentionandwasthesecondmostdiscussedcybercrimetargetofthemonth,appearingin13%ofthesectorsCyberFacts.Beingperhapsthemosthighprofilebreachoftheyear,itwillbeinterestingtowatchhowthatdiscussioncontinuesandifanypotentiallongtermbranddamagewillresult.Lookingattheindustrygroupbreakdown,onceagain,insuranceisdominanthowever,therewerealsosignificantdiscussionsaroundvirtualcurrencylikebitcoinandbanking,whichfacedvariousphishinganddefacementattacksinMarch.
Copyright2015SurfWatchLabs,Inc.Allrightsreserved
Copyright2015SurfWatchLabs,Inc.Allrightsreserved
Financials Overview TheFinancialssectorreceivedagradeofD+forthemonth,indicatingthatthesectorsawanincreasedlevelofcyberriskforthemonthwhencomparedtoitssixmonthaverage.SocialActivityhadalargeincreasemidmonthlikelyduetotheinsuranceproviderdatabreaches.IncidentVolumealsoincreasedslightlyinMarch.Therestofthescoresremainedsteadythroughoutthemonth.Whenitcametomacroleveltargets,Data(62.6%)wasbyfarthetoptrendingtarget.PrivateNetworksandCloudService/Applicationscameinsecondandthird,respectively.FinancialInformationStolen/LeakedsawthebiggestriseofanyeffectinMarch,becomingthethirdmostprominenteffectforthemonthbehindDataStolen/LeakedandPersonalInformationStolen/Leaked.Again,muchofthemonthsdatawasdrivenbythevariousinsurancebreaches.Whenlookingatthebreakdownofspecifictags(below),virtualcurrencyminingpoolisthenumbertwotargetforthemonthanddistributeddenialofserviceisthenumbertwopractice.AgroupofbitcoinminingpoolsweretargetedwithDDoSattacksinMarch,withseveralreportingthatransompaymentsweredemandedinordertostoptheattacks.
Copyright2015SurfWatchLabs,Inc.Allrightsreserved
Activity and Events of Note Severalnotableeventsoccurredduringthemonthincluding:
PremeraBlueCross:Theinsuranceprovidersufferedamassivedatabreachaffecting11millionpeoplespersonalinformation.AccordingtoPremera,theincidentaffectedPremeraBlueCross,PremeraBlueCrossBlueShieldofAlaska,anditsaffiliatebrandsVivacityandConnexionInsuranceSolutions.Additionally,BlueCrossBlueShieldplanmemberswhosoughttreatmentinWashingtonorAlaskamayalsobeaffected,aswellasmembersofLifewise,anaffiliateofPremera.
AnthemInc.:Anthemwasthefirstmassivedatabreachatamajorinsuranceproviderthisyear.Thedamageisstillbeinginvestigatedandcontinuestospreadwith80millionpeopleaffected.
HighmarkInc.:ThePittsburgGazettereportedthatmorethan51,000currentHighmarkhealthinsurancecustomersinPennsylvaniawillreceivelettersnotifyingthemthattheirpersonalinformationmayhavebeenstolenaspartofthelargerAnthemdataheist.
NiceHash.com,GHash.IO,ShenzhenBiwangElectronicCo.,andCKPool:AlargegroupofbitcoinminingpoolsweretargetedwithaDDoSattack.ThewaveofattacksonnumerouspoolsstartedthefirstweekofMarchandcontinuedthroughmidMarch.Bitcoinpaymentwasdemandedtostoptheattack.
SouthwestMontanaFederalCreditUnion:AgroupofwebsiteswerehackedbysomeoneclaimingtobeaffiliatedbyISIS.BothU.S.andEuropeansitesweredefacedortakendown.
BankofAmericaCorp.:Aphishingscam,perpetratedbyemailandfakesocialmediasites,targetedBankofAmericacustomersinlateMarch.
Financials Conclusions, Trends and Predictions InsuranceisthenewhackRecentbreachesatPremeraBlueCross,Anthemandotherinsurancecompaniesarenotacoincidence.Insuranceprovidersholdalotofdata,anditmaybeeasiergainaccesstothatdatathroughinsurancecompaniesthanothergroupsthatarepotentiallymorehardenedlikebanking.Whilemonetarytargetswillalwaysbeimportant,hackerswillcontinuetotargetthesevaluabledatarichenvironmentsaslongastheycontinuetohavesuccessdoingso.Additionally,theeffectsofthesemassivebreachescontinuetoplayoutaftertheinitialheadlines.Manybusinessesarecommunicatingwithemployeesabouttheinsurancebreaches,andcybercriminalsoftenusethesemajoreventsasaspringboardforphishingattemptsandotherattemptstocausefurtherdamage.BitcoinstilltakinghitsMarchwasyetanothermonthofcybercrimerelatedtobitcoin.ThereweresomegoodthingshappeninglikeIBMssearchforawaytobolsterthecybercurrency.Outweighingthosepositiveoccurrenceswerenumeroushackingsofbitcoinmarketsaswellasthearrestoffederalofficialsfortheftofthecurrency.Thestockmarketisevengettinginvolvedwithbitcoinnow,andwhilethatmaylookgoodontheoutside,itmightnotbeenoughtokeepthecurrencyafloatifitcontinuestobeeasilystolen.
Copyright2015SurfWatchLabs,Inc.Allrightsreserved