Cyber Risk Control

Data Privacy Day – Monday, January 28, 2019

The MEL is once again participating in Data Privacy Day, an annual international effort to create awareness about the importance of respecting privacy, safeguarding data and enabling trust.  Data Privacy Day (DPD) is led by the National Cyber Security Alliance in North America.

This year, DPD will spotlight the value of information. Whether you’re an individual looking to better manage your privacy and how your data is collected and shared, or a business collecting, using and storing that information, remember: Personal information is like money. Value it. Protect it.

The MEL encourages members to participate at work — and at home.  Do one thing, such as reviewing the MEL’s “Email Dos & Don’ts” infographic (below), learning about Cyber Security tips for tax season, or enacting the MEL’s Cyber Risk Management Program.  See additional Cyber resources below and visit our Model Risk Control page.


Model Risk Control Program

 

Cyber / Network Security / Privacy

This coverage is provided by XL Catlin (and Beazley if you purchase excess), not your local JIF.

  • First Party | Includes coverage for cyber-related Business Interruption, Data Recovery and Cyber Extortion
  • Third Party Liability | Includes coverage for Privacy and Security events suffered by third parties for your wrongful acts, and Privacy Regulatory Defense, Awards and Fines
  • Data Breach Response and Crisis Management | Includes costs you incur for data breach response providers (legal, forensics, etc.) arising out of a data breach

Claim Reporting

  • Step 1 | Notice of incident or claim made to the JIF claims administrator.
  • Step 2 | Call the 24/7 XL Data Breach Hotline at 1 (855) 566-4724 for immediate triage assistance.

Please note: contacting the data breach hotline does not satisfy the notification requirements of your policy.

cyber incident roadmap
MEL-Email-Infographic-FINAL

 

Additional Resources

Cyber Security Tips for Tax Season
Cyber Risk Control Video
MEL Coverage Bulletin 17-26
Data Privacy Day Information
XL Catlin’s Online Cyber Risk Portal
The New Jersey Cybersecurity & Communications Integration Cell
Government Technology
PivotPoint Security | Information Security Blog
KnowBe4 Twitter
KnowBe4 Blog
Net Diligence
Email Do’s & Don’ts PDF

Article – Cyber Insurance: Is you public entity properly protected? (League of Municipalities Magazine Oct.2018)

Cyber Task Force Bulletins

Preparedness: Ransomware in the City Atlanta, 18-01
Threats: Russia-Backed Malicious Activity & New “Bad” Ransomware Strains, 18-02
New Ransomware – RYUK, 19-01

Cyber Task Force Security Update

New Ransomware – Ryuk

The MEL saw a number of cyber claims at the very end of 2018.  While the holiday season is a very popular time of year for cybercriminals, the number of claims was unusually high. As the incidents are being dissected, the MEL is noticing most of the claims containing a new strain of ransomware, called Ryuk.

The New Jersey Cyber Communications and Integration Cell (NJCCIC) reported in late August the Ryuk strain was first detected in early August of 2018 by Check Point Research, a leading cyber threat intelligence company. According to Check Point’s report, the Ryuk strain seemed to be related to other existing ransomware, indicating the same creator. The NJCCIC update indicates Ryuk is very advanced, killing many processes and embedding itself deep into the system, in addition to deleting backup files, making it difficult to successfully overcome.

The criminals appear to have learned that designing such advanced malicious software with a high success rate would pay off, as the ransoms demanded have been over $100k in each incident……and that is in bitcoin, of course (15 BTC – 50 BTC). In addition, the ransom escalates each day by 0.5 BTC.

Ryuk seems to enter via email phishing campaigns, weak Remote Desktop Protocol (RDP) passwords, and stolen credentials. Once the system is infiltrated, the attacker patiently waits and escalates their privileges until become an administrator on the system.

The MEL Cyber Risk Management Program offers key security recommendations which would help against these attacks, such as patching, requiring regularly updated passwords, good backup practices and cyber hygiene training. In addition, sources, such as Sophos and KnowBe4, recommend controlling RDP access, utilizing VPNs, initiating two-factor authentication, automatic lockout after a few password attempts and highly restrict administrative privileges.

In the recent news, Ryuk Ransomware was reported at the Chicago Tribune, Recipe Unlimited (Canadian Restaurant chain) and DataResolutions.net (a cloud hosting provider).

Click here to visit Check Point’s initial publication on Ryuk.

Click here to download this bulletin.