Do you process, transmit or store more than 10,000 financial transactions per year?
YesNo, less than 10,000
Do you use and keep up to date firewalls and anti-virus protection for all systems?
YesNo
Do you use third parties to complete audits of your system and security on a regular basis?
YesNO
Are all portable devices password protected? (mobile phones, laptops, tablets, etc)
YesNo
Do you have encryption requirements for all data including portable media?
YesNo
Do you have back-up and recovery procedures for business critical systems, data and info assets?
YesNo
Do you outsource any part of your network, including storage?
Yes, we use third party providers.No, all managed in house
Do you store sensitive information on web servers?
YesNo
Do you know of any loss payments, fines or penalties being made on your behalf?
YesNo
Are you aware of any matter which might give rise to a claim or loss under such insurance?
YesNo
Have you suffered any loss or claim but not limited to a regulatory, governmental or administrative action brought against you, or any investigation or information request concerning any handling of personal info?
YesNo
The applicant or any subsidiaries have any knowledge of any loss payments, fines or penalties being made on behalf of any applicant or any person proposed for coverage any cyber policy or similar insurance?
YesNo
Your quote request has been sent successfully, one of our brokers will contact you today! Close this notice.
Business Insurance Quote
Contact details:
Sections
Property & Contents
Yes, please quoteNo, thank you
Public & Products Liability
Yes, please quoteNo, thank you
Cyber Liability
Yes, please quoteNo, thank you
Theft & Money
Yes, please quoteNo, thank you
Computers & electronic equipment
Yes, please quoteNo, thank you
Business Interruption
Yes, please quoteNo, thank you
Machinery Breakdown
Yes, please quoteNo, thank you
Your quote request has been sent successfully, one of our brokers will contact you today! Close this notice.
For the past few years the media has been reporting large scale attacks such as Yahoo, AirBnB, LinkedIn, Myspace and a long list of others. In reality between 40% to 60% of all cyber attacks on Australian businesses are targeted at small to medium sized companies. Reports suggest this is due to a few important factors but a lack of security procedures and lower levels of employee risk awareness seem to be the major ones.
PwC found 65 per cent of Australian organisations experienced cybercrime in the last 24 months with more than one in 10 reporting losses of more than $1 million (compared to the global average of 32 per cent).
When you consider that 84% of Australian small and medium businesses are online and 1 in 2 are receiving payments online, Australia is a very attractive target for the would-be cyber criminal.
From Australian Cyber Security Strategy
Check out this short video from the National Insurance Brokers Association (NIBA) which succinctly summarizes who needs cyber insurance and why.
The 5 industries with the highest recorded amount of cyber-attacks 2015 – 2016:
1. Healthcare
2. Manufacturing
3. Financial Services
4. Government
5. Transportation
According to the 2016 IBM X-Force Cyber Security Intelligence Index — which reports more than 100 million healthcare records were breached last year. The IBM report is based on data they have collected from thousands of network devices they monitor in over 100 countries.
Between July 2015 and June 2016, CERT Australia – the main point of contact for cyber security issues affecting Australian businesses – responded to 14,804 cyber security incidents, 418 of which involved systems of national interest and critical infrastructure.
PwC Australia national cyber leader Steve Ingram, who previously headed fraud and security management for the Commonwealth Bank, says cyber attacks happen all the time. “It’s prolific,” he says
Here is another great cyber insurance summary from the KnowRiskNetwork.
Conclusion
In the past, business leaders adamantly avoided talking about cyber security processes or breaches for fear of reputational damage and legal fallout. We are slowly seeing more businesses who are not reluctant to talk about their cyber security hurdles and recognize the overall business risk not simply an IT risk.
Here is our January 2017 wrap-up of large scale malicious emails making the rounds for Australian businesses.
We have all received some suspicious emails in the past and laughed at the seemingly obvious red flags, it appears that gone are the days of the poorly translated foreign prince simply trying to return your unknown wealth. Today, as employee education continues to increase, criminals are very fastidious and clever with their malicious email phishing attempts.
Earlier this month a torrent of Australia Post scam emails were discovered with a simple method of infection designed to evade anti-virus software. At the time of discovery by MailGuard, only 1 of 68 popular antivirus vendors were detecting the link as malicious
The message indicates a parcel is ready for collection at their local post office, simply confirm your correct postal address by clicking the link at the bottom of the email.
Malicious Australia Post Email
Replica Australia Post Website
After clicking to confirm, a series of prompts leading to an identical Australia Post website end with a remotely executed malicious file being downloaded. An identical Australia post website has been created with the noticeable difference being the www.auspost.tk address instead of the official www.auspost.com.au, the malicious website even has ‘Captcha’ security forms and correctly scales for mobile users.
Help protect your business with cyber insurance.
Australian Securities and Investments Commission – ASIC
Reports of fake emails claiming to be from ASIC are making the rounds and distributing malware at an alarming rate. “Malware can reformat your hard drive, alter, delete or encrypt files, steal sensitive information, send unauthorised emails, or takes control of your computer and all of the software on it.”
“The message claims to contain an important message. But those who click to the link inadvertently download a malicious JavaScript file. The file is housed within a zip file on a compromised SharePoint site.” said Jaclyn McRae of Mailguard.
The emails have been disguised using a third party program which causes them to appear to be sent from a legitimate @asic.gov.au account.
ASIC email scam
According to MailGuard, at the time of reporting, none of 68 well-known antivirus vendors were detecting the link as malicious.
“Scammers pretending to be from ASIC have been contacting Registry customers asking them to pay fees and give personal information to renew their business or company name,” “These emails often have a link that provides an invoice with fake payment details or infects your computer with malware if you click the link.”ASIC says.
Australian Taxation Office – ATO
The next government organisation being impersonated is the Australian Tax Office. The malicious emails are coming from a recently registered set of domains with slight variations to the correct ATO web address which is https://www.ato.gov.au.
“The email looks quite legitimate, and includes the recipient address within the text body. It includes Australian Government branding and confidentiality clause.”said Jaclyn McRae
The email contains a Microsoft Word attachment which the recipient is told requires their attention.
ATO scam email
“The attached document contains a a macro which when executed, downloads a virus from a remote location.”
Microsoft Word Malicious Macro
We’ve recently written about malicious Microsoft Office macros and other methods of infection, here.
“Adversaries are increasingly using Microsoft Office macros – small programs executed by Microsoft Office applications such as Microsoft Word, Excel or PowerPoint – to circumvent security controls that prevent users from running untrusted applications. Microsoft Office macros can contain malicious code resulting in a targeted cyber intrusion yielding unauthorised access to sensitive information.”
Commonwealth Bank
Apart from government departments, financial services giants are also regular targets. ANZ, Macquarie and AMEX have been recent targets of phishing scams.
Commonwealth Bank scam email
Very similar to the above mentioned ATO email scam, Commonwealth Bank customers have been sent the above secure message requiring the attached content to be downloaded. Once again, the Microsoft Macro contained in the Message.doc attachment downloads a virus from a remote location. Once recipients ‘enable editing’ and then ‘ enable content’ the virus is activated.
According to the MailGuard Security Blog , the malicious emails were sent from cloud-hosted servers in Hong Kong but the attack could have originated anywhere.
Driving Infringement Notices
A round of malicious emails poorly disguised as driving infringement notices has been targeting Australians for a few months. The continued attempts from criminals suggests some measure of success.
Despite having no branding, the ‘from’ name having no relationship to the sending domain and no reference to which police authority had issued the fine, it seems many targets have taken the bait.
According to MailGuard, “The malicious emails claim the recipient has incurred a fine for negligent driving. It says the fine will arrive in the mail, but that it can be viewed by clicking the link.”
Negligent driving scam email
The “photo proof” attachment contains a link which accesses a malicious ZIP archive and allows malicious software to be downloaded.
Conclusion
Thanks to MailGuard, subscribe to the security blog for regular updates here.
Each month we will try to highlight some common email scams targeted at the Australian market.
If we have missed a scam you think is important, please let us know below.
Lloyd’s of London better known as Lloyd’s is a corporate body which brings together multiple financial backers to pool and spread risk. These financial backers are grouped into syndicates, the syndicates referred to as underwriters or members are a collection of corporations and private individuals. In 2015, there were 84 syndicates that wrote £26.69 billion of gross premiums on business placed by 242 Lloyd’s brokers globally.
In the insurance industry Lloyd’s is one of, if not the biggest player with their syndicates having international bases and insight from markets around the globe.
In the past cyber insurance has been a relatively unknown product but this is all changing faster than the majority of businesses can keep up with. Expert predictions for 2017 are already indicating a lot more to come with no end in sight for historical breaches such as the 2014 Yahoo breach which was only discovered in 2016.
The current Chief Executive Officer for Lloyd’s and the first female CEO in the insurance market’s 328-year history is Dame Inga Beale. Heading the insurance market behemoth with regular insight into global insurance markets puts Mrs. Beale at the forefront of international business risk.
Inga Beale, Lloyd’s CEO
Beale spoke with Intelligent Insurer regarding the increase in businesses of all sizes taking up cyber policies over recent years.
“In Australia, Lloyd’s has seen the amount of cyber insurance being purchased increase 168-fold in the last two years, as the risk becomes more of a concern for businesses.”
“In 2016 we’ve seen highly publicised cyber-attacks on some of the biggest corporate and retail names in the UK and globally. The effect of these breaches is multi-layered – besides business interruption, they can have a long lasting reputational impact and seriously affect the bottom line,” Beale, said.
“The problem is that I think there’s a slight disconnect between clients and their understanding of what’s on offer, and perhaps even a lack of understanding within the insurance sector,” Beale said while speaking at CFC Underwriting’s Cyber Symposium event in London last Thursday.
Mandatory breach notification laws
“What we have seen elsewhere in the world is as soon as you’ve got some regulation out there, a requirement for businesses to report breaches when there is a loss of personal data, that is one of the key drivers for elevating the risk up to the boardroom.” Beale stated.
Mandatory data breach reporting laws have been passed in the United States and other countries so far with the Australian bill passing through parliament at the time of writing. Under the new bill, organisations that determine they have been breached or have lost data are required to report the incident, and notify customers that are directly impacted or considered “at risk”.
Organisations and individuals that don’t will face a range of penalties, including fines of $360,000 for individuals and $1.8 million for organisations.
Safeguard your business with cyber insurance.
Why Cyber Insurance?
“I’m afraid we no longer live in a world where you can prevent breaches taking place, instead it is about how you manage them and what measures you have in place to protect your business and importantly, your customers. As recent events have shown, hard-earned reputations can be lost in a flash if you do not have the correct plans in place.”
“There are two types of businesses. Ones who are being hacked and those who don’t know they are being hacked” Inga Beale.
“Insurance can play a critical role in helping businesses in this environment, not just in terms of cover for any financial losses, but for the support regarding meeting regulatory obligations and dealing with potential operational and reputational fall-outs.
The evolving cyber threat and new stricter regulations will change the way businesses are impacted by cyber incidents: they will have to deal with business interruption, financial penalties, regulatory scrutiny and reputational damage in a way they haven’t done before. All of these could be serious threats to a business’s revenue, share price or even survival.
That’s why, today, Lloyd’s views cyber as one of the most complex, current and critical risk businesses face.
Future expectations
“Our research has shown that cyber risk increasingly sits at the most senior level of business, and although the UK and Europe are still lagging behind the US in terms of take up of cyber coverage, the Lloyd’s market has seen a threefold increase on cyber business over the past two years, and we expect it to continue to grow in 2017.” Beale said.
With all reports for 2017 indicating a continued growth for cyber crime and mandatory reporting laws coming into effect around the globe, the time for robust cyber insurance and cyber security practices is now.
Have you ever wondered what the financial incentive for cyber criminals is? Many experts are reporting a staggering $1 billion was taken in from ransomware alone in 2016 not counting the other options for cyber crime.
For years we have repeatedly seen stories in the media about shadowy criminals making purchases with your credit card online and the onus being put onto the financial institution to identify,block and refund these transactions. Today things have escalated drastically and the black market for information has a broad range of options from online reward point accounts, medical records, auction site accounts and tutorials for new people interested in cyber crime. This escalation also means that the responsibility for online security is shifting to the personal side instead of solely the vendor.
Below are a few examples of the many ways cyber criminals are making money online from your accounts and information. Whether they are taking a website down to stop trade, extorting hospitals with sensitive patient information, auctioning hacking tools and guides for new criminals or just use of your netflix subscription, there is a market for it and it is thriving.
Bank details
Selling credit card numbers has been a classic source of revenue for cyber criminals. Although the market is starting to lean towards more specific details like medical records for social engineering and fraud purposes, credit card information is still a strong source of revenue. As can be seen below from a 2016 McAfee report, full card and personal details for a little as $40.
“Everything is available. We see bank-to-bank transfers offered for sale, and the availability of banking login credentials.”
Bank credentials for a specific account to drain funds has a higher value which runs as a percentage of the account balance. Usually around 1% – 5% of the available balance.
DDoS Rental Services
A DDoS attack will overload a victims website causing it to crash and prevent access until the attack stops. A frozen website can cause an instant halt to sales and have ongoing reputational damage. In 2016, 84% of Australian small and medium businesses are online with that percentage expected to increase in 2017.
The average cost to the victim of a DDoS attack is around $500USD per minute, the mean cost to the attacker is only $66 per attack. The cost to launch a DDoS attack is so low that the barrier to entry for attackers is practically nil – and that means that any organization can potentially be the target of a DDoS attack. What is a DDoS attack?
Russian DDoS advertisement
Exploit kits
Exploit kits are designed to be a ready to launch hacking tool, with many different variations available online for the budding cyber criminal to purchase and start causing mischief. One case of a student in Virginia, USA is facing a 10 years prison sentence after creating a key logger tool which records keystrokes and ultimately account information on the victim’s system. The student offered the nefarious tool for sale at $35 USD and sold to around 3,000 people who, in turn, infected over 16,000 victims, the U.S. Attorney’s Office said.
Using those numbers, his personal incentive for the key logger tool was approximately $105,000 USD which is certainly an attractive figure for any would-be cyber criminal.
Ransomware is malicious software which once it has infected a system the software will encrypt important files rendering the operations frozen until the victim pays a ransom usually demanded in bitcoin. Multiple ransomware kits have been found for rent in online marketplaces for as little as $1,000USD a month or $100USD for 48 hours.
Insure your business against cyber crime.
Online rewards programs
Online rewards programs such as account information for airline points have also been found for sale on cyber crime marketplaces. According to the report 300,000 airline points for as low as $90USD which is very concerning after the recent reveal that 90% of airline booking systems are insecure.
“Flight bookings worldwide are managed by the so-called Global Distributed Systems (GDS) that connect travel agencies, online booking websites, airlines and passengers. Amadeus, Sabre, and Travelport, the three largest GDS networks, administer more than 90 percent of the bookings as well as numerous hotel, car, and other travel reservations, according to Security Research Labs (SR Labs), a Berlin-based hacking research collective.”
Compromised organisation & infrastructure access
Other types of data for sale include access to systems within organizations’ trusted networks. The types of entry vary, from very simple direct access (such as login credentials) to those that require a degree of technical competence to carry out (such as vulnerabilities). We can see the availability of vulnerabilities that allow potential buyers access to bank and airline systems located in Europe, Asia, and the United States.
A recent report by cyber crime expert Idan Aharoni suggests that the types of systems criminals sell access to now include critical infrastructure systems. In his article “SCADA Systems Offered for Sale in the Underground Economy,” Aharoni included one example in which a seller provided a screenshot that appears to be a French hydroelectric generator as evidence that the seller had access.
Stolen enterprise data is also for sale, we have seen sellers offering data stolen from a university.
Medical Records
One of the fastest growing areas of data theft is the medical industry. Client records have been shown to be extremely valuable in the black market community for a number of reasons. One reason is the level of detail which medical records hold. Most medical records hold sensitive information which financial institutions are not privy to for example full name, age, family history, government ID numbers and other details used for social engineering.
Another reason medical records have increased in value is their extortion value to the holding hospital or medical practitioner. “A breach happens at one of these companies. The hackers go direct to that company and say, ‘I have your data.’ The cost of keeping this a secret is X dollars and the companies make the problems go away that way,” said Greg Virgin, CEO of the security firm RedJack.
Online Subscription Services
Netflix, HBO, Spotify, etc are just a few of the online subscription services for digital content that are available to purchase for a low as $1 USD. High demand for these accounts can be seen from the widespread listings in the marketplace despite their seemingly low value.
video streaming services are in high demand. Even premium professional sports streaming services can be purchased for $15. We also found other online accounts being sold, including lifetime subscriptions to premium pornography accounts, as well as free referral links to the dark web market Agora.
Insure your business against cyber crime.
It is unclear how 2017 will unfold with reports already saying 123456 is still the world’s most popular password but if that is any indicator of the state of personal security, 2017 is going to be a very lucrative year for cyber criminals.
Cyber attack results show over 2.2 billion records stolen
It’s time to reflect on some of the most audacious, embarrassing and dangerous hacks, leaks and data breaches from the past year. 2016 is finished but and at this point there have been more than 2.2 billion records stolen in the past 12 months with a large number coming from historical breaches.
Yahoo – Yahoo has advised they have had at least an incredible 500 million accounts compromised. The intrusion actually happened in 2014 but was only picked up by the company in August of 2016 following an investigation into a separate breach. The August cyber attack turned out to be false but brought to light the extent of the 2014 intrusion. While Yahoo says the information taken was low-value data it did include security questions and answers which would make users vulnerable if used across multiple sites.
Linux Mint backdoor– The Linux operating system still remains one of the most popular Linux releases with approximately 6 million users despite a recent backdoor being announced. The malicious code was inserted into the legitimate version listed on the official Linux Mint forums. Hundreds of users downloaded the malicious build before detection.
“The hacked ISOs are hosted on 5.104.175.212 and the backdoor connects to absentvodka.com. Both lead to Sofia, Bulgaria, and the name of 3 people over there. We don’t know their roles in this, but if we ask for an investigation, this is where it will start.” said the official Mint statement.
SWIFT – SWIFT or Society for Worldwide Interbank Financial Telecommunication is a global organisation that operates a trusted and closed computer network for communication between member banks around the world. With 11,000 members and around 25 million financial messages sent per day SWIFT is a prime target for a cyber attack. On February 4, 2016 unknown hackers used Bangladeshi Bank employee SWIFT credentials to send approx $850 million to numerous accounts in the Philippines, Sri Lanka and other parts of Asia.
When Bank employees found the error $81 million had already been credited to multiple accounts—reportedly belonging to casinos in the Philippines—and all but $68,000 of it was withdrawn on February 5 and 9 before further withdrawals were halted. The hackers might have stolen much more if not for a typo in one of the money transfer requests that caught the eye of the Federal Reserve Bank in New York.
TRUMP – The president elect’s TRUMP hotel chain has been the victim of two cyber attacks since 2015 with the most recent in April 2016. According to some sources the organisation was using unpatched and insecure systems which were more than 10 years old. The April findings were only scratching the surface but it is likely the TRUMP organisation has been compromised much further.
Then, Trump’s presidential campaign leaked the resumes of prospective interns, including their names, addresses, and in some cases sensitive employment details. Let’s hope his cybersecurity strategy is better when he’s in office.
LinkedIn – The global professional networking company was first compromised in 2012. As with the same case as Yahoo, the scale of the historical 2012 breach was only understood this year when the number of stolen accounts exploded to almost 117 million. One reporter noted that the majority of stolen accounts had passwords found in the annual worst passwords list from SplashData.
Here’s how to check if your accounts have been compromised in a cyber attack, haveibeenpwned.com
Tumblr – It comes as no surprise that the Yahoo owned micro blogging and social networking website, Tumblr suffered a similar breach to their parent company in 2013 before the acquisition. Tumblr staff announced that it had been the victim of a security breach but refused to give details until investigative journalists discovered the stolen database had more than 65 million accounts.
MySpace – Formally the world’s largest social network, Myspace suffered their largest known exploit and brought them back into the headlines for the wrong reasons. The breach occurred on June 11th, 2013 but once again was only fully recognised earlier this year after further investigation.
“Each record may contain an email address, a username, one password and in some cases a second password.The methods MySpace used for storing passwords are not what internet standards propose and is very weak encryption or some would say it’s not encryption at all but it gets worse. We noticed that very few passwords were over 10 characters in length (in the thousands) and nearly none contained an upper case character which makes it much easier for people to decrypt.” said leaked data analysts at leakedsource.com.
US Political Attacks – The media had a field day surrounding the 2016 US election accusations from the White House that the Kremlin had committed politically motivated hacks on presidential candidates. Director of National Intelligence, James Clapper stated that “based on the scope and sensitivity of these efforts, that only Russia’s senior-most officials could have authorized” regarding the hacks. Russia has repeatedly denied the hacking allegations.
VK – The largest European online social networking service, based in Russia was the victim of 3 separate hacks in as many months. According to reports, the attack occurred in 2012 or 2013 and continues the historical hack trend which has dominated this list. An estimated 171 million accounts from VK.com and their parent company Mail.ru’s forums.
The hacker is now reported to be selling a portion of the database. 100 million accounts, which turns out to be a little over 17 gigabytes in size have been found on a dark web marketplace for 1 bitcoin.
NSA – The infamous National Security Agency which is an intelligence organization of the US government, responsible for global monitoring, collection, and processing of information and data for foreign intelligence and counterintelligence purposes has had their internal tools stolen and auctioned off by The Shadow Brokers.
The hacking tools which could break through Fortinet and Cisco firewalls was seen listed for auction through known exploit sites. With the wide range of Snowden Leaked files sources are able to confirm that the exploit tools belonged to the US government.
At the time of writing the auction has failed however, The Shadow Brokers have now appeared to have put up the NSA’s hacking tools and exploits for direct sale on an underground website.
NSA 2nd breach – To add to the public woes the NSA has been dealing with over the past three years,Harold Martin, former staffer stole approximately 50 terabytes of data from the the United States’ top security organisation. The majority of the information taken was considered classified and actually greatly eclipsed the previous breach by Edward Snowden.
Martin has been initially charged with mishandling information which has now been upgraded to espionage. While a lot of information was classified there is a large amount which is of greater public interest for which Martin has done a great service. Martin reportedly simply walked out the front door with the data over the course of his 20 year employment. This is case study number 1 for future employee breaches.
Oracle Point-of-Sale Terminals – Point of sale machines have become common place globally to assist all business’s process and retain important customer details. Micros, one of the largest terminal manufactures which was acquired by Oracle in 2014 for $5.3 billion reported that “hundreds of systems” at the company had been compromised.
The compromised systems had malware installed which was designed to remotely access usernames and passwords from systems located in retail outlets internationally.
Weebly – The web development and design giant put more than 43 million customers at risk earlier this year thanks to their own terrible internal security.
Weebly has openly admitted in a statement that the security gap and cyber attack was their own fault and they are taking appropriate measures for future security. The hacker reportedly took records which included usernames, passwords, IP addresses and email addresses.
AdultFriendFinder – The 2015 Ashley Madison breach which involved approx 37 million accounts has been made to look like a drop in the ocean after the 2016 AFF breach.
More than 400 million users were exposed in a targeted attack on the AdultFriendFinder network. The adult hook-up website has reportedly compromised an absolutely staggering 20 years of data from their initial set up in 1996. AdultFriendFinder describes itself as “one of the world’s largest sex hook-up” websites, with more than 40 million active users and a handful of similar adult oriented sites which were also compromised. In the cyber attack stolen data included usernames, browser information, date of the users last visit, purchasing patterns and more.
Insure your business against cyber crime.
Conclusion
Many more breaches have occurred which did not make the above list and with the enormity of the historical breaches now being brought to public attention it looks like 2017 is set for bigger and scarier reports to surface.
“I’m afraid we no longer live in a world where you can prevent breaches taking place, instead it is about how you manage them and what measures you have in place to protect your business and importantly, your customers. As recent events have shown, hard-earned reputations can be lost in a flash if you do not have the correct plans in place.” Inga Beale, Lloyd’s Chief Executive.
Trade secrets stolen in cyber attack on ThyssenKrupp AG
One of the world’s largest engineering firms ThyssenKrupp has released a cyber security statement. The release indicates they have been the victims of “organised, highly professional hacker activities” earlier in 2016.
The corporation consists of 670 companies worldwide. While ThyssenKrupp is one of the world’s largest steel producers, the company also provides components and systems for the automotive industry, elevators, escalators, material trading and industrial services. As of a 2009 reorganization, it is structured into eight business areas that fall under two major divisions, Materials and Technologies
“The incident is not attributable to security deficiencies at Thyssenkrupp. Human error can also be ruled out. Experts say that in the complex IT landscapes of large companies, it is currently virtually impossible to provide viable protection against organized, highly professional hacking attacks. Early detection and timely countermeasures are crucial in such situations. Thyssenkrupp has been successful in both respects” stated Robin Zimmermann, head of external communications.
The breach which was discovered in April 2016 after a series of additional breaches were discovered by the company’s internal security. The original breach was traced back to February 2016 and was caused by hackers located in southeast Asia.
Trade secrets and project data have been stolen from the plant engineering division. Other areas are still yet to be fully investigated in what is now the second major cyber breach since 2012 for the engineering giant. In 2012 TKAG and Airbus parent company EADS had also been targeted by Chinese hackers. In September 2015 China and the U.S. agreed not to target each other for cybertheft of intellectual property. This is a major step in the right direction and indicates their compliance with these tactics towards other targets.
Insure your business against cyber crime.
“It is important not to let the intruder know that he has been discovered,” a spokesman said. The news of the breach was not publicly announced until the company had cleansed the infected systems in one global action and implemented new security measures to monitor its computer network.
Within its marine systems unit, which produces military submarines and warships no breaches have been found.