Case Study #1: Ransomware Coverage (CHAP)
A homeowner clicks on a link posted on his social media account. It forwards him to a malicious website that downloads ransomware, locking up his computer. A dialog box appears on the screen and the criminal demands payment to unlock the computer. The CHAP responds by putting the homeowner in touch with a CyberScout security expert who attempts to unlock the computer over the phone. If the security expert is unable to unlock the computer, she will assist the homeowner in restoring the computer using the last available back up.
Case Study #2: Cyber Business Interruption (ISAP)
A small retailer of pet supplies does 60% of its business over the internet. Its website is hit with a massive denial of service attack and as a result, the website is unavailable to take orders for two consecutive days. This reduces their two-day income by 40%. The business files a claim for loss of revenue, which is covered under the ISAP’s Cyber Business Interruption coverage.
Case Study #3: Social Engineering Fraud (OBT)
A cybercriminal uses social engineering tactics to install malware on a company computer system where they capture the company’s online banking log-in credentials. The cybercriminal then logs into the business’ banking account to create and transmit unauthorized Electronic Fund Transfers (EFTs), normally ACH or wire, to an account they control. OBT covers the loss and the experts at Cyberscout help shore up their system defenses to prevent future attacks.
Case Study #4: Breach Notice Coverage (CHAP)
A homeowner volunteers to coach little league baseball. The league requires the coach to collect and keep PII such as canceled checks, email addresses, etc. A hacker breaches the home computer and the information on it is stolen. State law requires (1) notification to the victims so they can take precautions to protect against identity theft and (2) provide assistance to the victims, including credit monitoring.
Case Study #5: Security Breach Liability (FARM)
A Farmowners computer system is infected by malware while innocently surfing the internet. The Farmowner, an employee or family member then visits an online retailer to purchase a pair of shoes. The shopper sends the retailer a question about the shoes by email. The shopper includes a picture of the shoes to help clarify his question but the picture becomes corrupted with malware. When an employee of the online shoe company opens the attachment to view the picture, the malware infects the retailer’s network that crashes the website and reduces its sales. The retailer hires an IT firm to get the website back up and it finds the cause of the infection. The Retailer then sues the Farmowner for the damages.
of cyber attacks against businesses target small companies
Source: Symantec, 2017
of small businesses go out of business within 6 months of an attack
Source: UPS Capital, 2017
of small businesses don’t use any data protection at all for company and customer information
Source: UPS Capital, 2017