Attackers find new ways to bypass security controls
Attackers find new ways to bypass security controls
It’s important to evolve internal education practices to address emerging tactics. Campaigns that target specific kinds of employees can be particularly effective. Customized, specific security training provides a strong first line of defence.
Phishing-resistant forms of MFA can make it harder for cybercriminals to impersonate your employees. Consider measures such as hardware tokens like Yubikeys, or using passkeys instead of passwords. Eschew click-to-approve services in favor of number-matching MFA that requires users to enter numbers displayed on a login screen.
Finally, monitor your Identity and Access Management (IAM) solution to identify suspicious activity. Attackers may authenticate from unfamiliar locations or access systems using compromised accounts. User and Entity Behavior Analytics (UEBA) can help identify this anomalous behaviour.
Incorporating third-party and supply chain risk management is crucial for a robust cybersecurity strategy. Documenting vendors with access to your systems and utilizing Software Bills of Materials (SBOMs) helps you rapidly evaluate and respond to potential risks."
Franciso Donoso
Chief Technology Officer, Lodestone
Claims example
A community bank reported that its interactive teller machines (ITMs) were down after the vendor that provides and services the machines experienced a ransomware incident. Beazley received similar notices from a number of the vendor’s other credit union and bank customers. Forensic investigation determined that a hard drive was encrypted with BlackCat ransomware, deployed through software the vendor used to manage the ATMs and ITMs. No evidence of lateral movement or data exfiltration was discovered. Because the ITMs were managed on a separate network, the attackers were not able to pivot into the bank’s systems, and the impact of the incident was contained.
Data presented in this cyber services snapshot is derived from global incidents reported to Beazley between Q1 2021 and Q3 2023.
The information set forth in this document is intended as general risk management information. It is made available with the understanding that Beazley does not render legal services or advice. It should not be construed or relied upon as legal advice and is not intended as a substitute for consultation with counsel. Beazley has not examined and/ or had access to any particular circumstances, needs, contracts and/or operations of any party having access to this document. There may be specific issues under applicable law, or related to the particular circumstances of your contracts or operations, for which you may wish the assistance of counsel. Although reasonable care has been taken in preparing the information set forth in this document, Beazley accepts no responsibility for any errors it may contain or for any losses allegedly attributable to this information.
Incorporating third-party and supply chain risk management is crucial for a robust cybersecurity strategy. Documenting vendors with access to your systems and utilizing Software Bills of Materials (SBOMs) helps you rapidly evaluate and respond to potential risks."
