A question to ask your government. Would NSA / FBI immune

These attacks embedded malicious code into the Network Management software, when early reports suggest this attack may have begun as early as in March 2020. It led attackers to gain unauthorized access, and it is significant as this attack appears to be organized by a foreign nation-state to gather information about the US government. 

This "supply chain compromise." is one of the TTPs (tactics, techniques, and procedures) used here, just by embedding malicious code into the software in the supply chain or network of other companies to increase a widespread attack quickly. So far, the objectives or targets of the espionage activity are unknown. Some suggest that it could relate to the US presidential election, the coronavirus pandemic, or perhaps other themes entirely. Still, it is an escalation in the use of Cyber Crime or cyber espionage on behalf of government entities.

For a business, such an attack is responsible for insurance claims in the area of business interruption and data exfiltration. While business interruption claims occur when normal operations halt, resulting in loss of productive time and revenue, a Data exfiltration occurs when the hacker download business-critical information, encrypting the original files and threaten to expose the data if not getting their ransom. 

Under the "supply chain compromise.", the attackers are very targeted in nature. Those companies that use SolarWind's Orion Network management software may be exposed. The company provided an advisory on December 15, 2020, per government regulation required, had advised organizations that may have compromised vulnerability and outdated versions.

While there are still many unknowns about this attack, there may be much to learn from this incident. The situation and information are available to change over the coming weeks. The compromise of a build system at Solarwinds Orion was not likely the only incident, and there may be more.

Not too worry if you are with us on cyber insurance. Let just say a hacker gains access to an employee's email or breaches your network. Our insurer will cover costs to fix the problem and breach-related expenses such as credit monitoring and regulatory penalties.

Contact us for a quote if you do not have access to these

Consider our cybersecurity & insurance package to keep your business safe. The solution is considered the best in the industry for a company to handle cyber risk. We offer comprehensive insurance policy coverage, complimentary cybersecurity tools to keep track and safeguard your business, with 24/7 professional incident response to help you quickly react to a cyber incident.

Introducing the most innovative and comprehensive coverage 

As we found existing cyber insurance coverage lacking in some areas, so we work with the best provider to create one. Our insurance covers more of the financial, tangible, and intangible exposures your business faces than any other insurance company. We have state of the art cybersecurity platform that comes with 24/7 tracking, automated security alerts, staff training, and access to security experts to prevent cyber incidents before they occur. As for cyber insurance, we protect the value of your entire business, including financial, intangible and tangible damage, with up to 20 Million of the most comprehensive cyber insurance.

We provide a complete suite of security applications. The package will including 24/7 safety tracking, automated risk and intelligence alerts, security benchmarking, DDoS mitigation, Ransomware security defence, staff member training, software patch update reminders to your organization and more, all included with the insurance policy package at no additional cost.

Having an insurance policy is to prepare for the worst-case scenario when you needed most. Our solution comes with a committed 24/7 emergency response and a claims group to help you to respond to an incident swiftly. Our emergency first response team has thousands of organizations relying on them.

Our comprehensive solution? 

Please take a look at our coverage for 3rd party. 

• We cover the cost to defend you and any damages resulting from your liability to a 3rd party (Network & Information Security Liability).
• Any regulatory fines & penalties, multimedia wrongful acts (such as infringement, defamation, piracy, etc.) are covered.
• Payment Card Industry fines & assessments resulting from a failure in your security, data breach, or privacy violation

And 

• When you have a security breach that results in physical damage or injury to a 3rd party, the insurer will pay the costs of defence and damages  

In the event of security breaches (i.e. cyber crime attack), we'll cover losses resulting from bodily injury. 

Should there be damage/impairment to your tangible property, as well as damages resulting from any liability to a 3rd party, including regulatory fines & penalties and pollution, be assured the insurer will protect your business.

The insurer will 

• Pay the costs to replace your computer systems that are permanently affected by malware. 
• Any funds transfer losses you incur from a breach in your security or social engineering.
• Pay additional amounts you're billed by a cloud or telephone provider for fraudulent charges.
• Pay for replacement, restore, or recreate digital assets damaged or lost following a security failure.
• Cover any financial losses due to negligence in security, data breach or systems failure (including contingent/dependent Business Income), as well as the extra expenses you incur to bring your company back online.
• Cover any costs on extortion incident, including money, securities, and even virtual currencies paid.
• Pay for the prices to respond in a data breach, including 3rd party incident response and public relations experts, customer notification costs and credit monitoring, media purchases, legal fees, and advice regarding the incident.

A small business owner policy (BOP) could consist of a couple of coverages pack. The adhering to are the eight most common insurance policy coverage types that an entrepreneur must recognize.

- This coverage protects if bodily injury, property damages, injury or advertising injury incur with your business. Bare in mind, this coverage alone does not protect you from cyber crime.

• Have this coverage part of small business owner insurance to defence when business earnings and extra expenditure is at risk.

• Secure against a business when found responsible for an issue with one of the items they offer.

- If a business gives professional guidance or provides a professional opinion, it should probably carry professional liability insurance. Again, this coverage does not cover from cyber crime.

• Secure against Construction If you are in renovation of builders.

• Defence against tools or equipment breakdown. (It can be a furnace or machine) when it requires time and money for a replacement.

• Secure against your property or stocks

• Bundling a small business owner package (BOP) to with business use vehicle including transport of cargo.

Employment Practices Liability

Electronic Data and Equipment

Valuable Papers and Records

Job site Short-Term Pollution from Pollutants 

Identity Theft

Blanket Insurance on valuable property

Limited Property of Others Liability

Always Review Your Insurance Coverage

Over time, businesses may have an increasing need for insurance coverage as their business grows. Always take time to review your insurance and fill in gaps as the situation changes. 

As an insurance broker, we'll help small business owners to decide what is needed and the best fit for their insurance.

If you take online orders, store sensitive information on the computer, you need proper Cyber Crime protection. See this section about Cyber insurance