Just days before Christmas, a widespread cyber attack devastated a medium-sized law firm, encrypting files, locking emails and demanding a US$50,000 (about NZ$69,500) cryptocurrency ransom to release the data and unlock their system.
While the company had a highly competent IT team, it didn’t have the forensic specialty to delve into the breach, understand the extent of what was compromised and negotiate what to do about the ransom payment.
Fortunately, the compromised law firm had a cyber insurance policy with Crombie Lockwood insurance brokers. In addition to covering them for the costs associated with the cyber incident, it crucially gave them immediate access to an experienced breach coach that was able to quickly coordinate the right experts to assist.
“It’s a kind of Armageddon where networks are taken down and organisations just don’t know where to start in response,” says Claire Haszard, Crombie Lockwood’s Manager Northern Region, Financial & Professional Risks.
“It’s a kind of Armageddon where networks are taken down and organisations just don’t know where to start in response.”
“These are totally destabilising events and are often targeted at professional services like lawyers or accountants who hold sensitive data and have financial transactions being made all the time.”
How CyberSAFE cover helps
Crombie Lockwood’s specialist cyber insurance policy CyberSAFE offers 24/7 access to professionals including lawyers, forensic experts, IT consultants and public relations professionals who can communicate with customers, the press and all stakeholders who may have been affected by the breach. Via CyberSAFE, the cyber victim’s ‘breach coach’ mobilised a forensic IT team to sweep their premises that very same day.
“Every cyber attack is different so it takes someone with experience to coordinate the right people to assist in approaching the problem,” explains Haszard.
The forensic team soon found decryption was impossible and the criminals had installed a ransomware demand of US$50,000 (NZ$69,500). The law firm decided to pay the ransom, given there was no other option, and the breach coach then supplied another IT specialist who could conduct appropriate sanction checks, negotiate the ransom and access sufficient cryptocurrency.
“The costs to the business are so much more than that ransom,” adds Haszard. “You might not have been able to trade, you might have had money stolen and you might be facing regulatory fines. This all adds up really fast.”
Covering costs and expertise
Ultimately, the compromised law firm’s claim costs were in excess of NZ$100,000. But its management were relieved to have adequate cyber insurance that not only covered the costs, but also offered expertise to handle the situation.
“CyberSAFE is a one-stop shop to help cover the potential costs and quickly access the necessary expertise when you need it,” explains Haszard.
While businesses are now more aware of cyber threats, many still rely on outsourced service providers and mistakenly believe that an attack is the third party’s responsibility.
“Even if you are hacked through your third-party provider, it’s still your reputation on the line and your clients’ and, in some cases, they might not be contractually liable for a breach,” says Haszard.
“And as we’ve often found out, sadly cyber criminals are always one step ahead of everyone else.”
Get your cyber insurance sorted
CA ANZ members receive a 25% CyberSAFE discount. Talk to our CA ANZ dedicated insurance brokers to get your cyber insurance sorted.