|
Posted By IAMU,
Tuesday, September 14, 2021
|

Some of the largest ransomware attacks we’ve seen in the news this year impacted municipalities and public entities. In fact, in 2020 over 40% of the global cyberattacks were directed towards municipalities! These attacks can result in data being lost, ransomed, or even stolen. In addition, you can suffer from loss of access to email, telephone systems, and websites as well. There’s no question that municipalities are increasingly targets of cybercriminals, and purchasing comprehensive Cyber Insurance in combination with other proactive defense measures will lessen the likelihood of an attack and can mitigate financial loss and damages should one occur. Why do I need cyber insurance? While the following list is not exhaustive, it covers the most common attacks from cybercriminals today:
- Malware: Cybercriminals use this type of attack to access financial data, medical records, emails, passwords, etc.
- Spyware: Spyware is used to access your employee’s login information, which can give the cybercriminal access to any data on your servers.
- Ransomware: This is the fastest growing area of attack. Your files and servers are encrypted and you receive a ransom demand in order to return the encrypted data to you.
- Phishing: We’ve all received these fake emails from someone we know asking us to provide sensitive information or even money.
- Hacking: If you are hacked, you are responsible for any sensitive personal data you maintain on customers which may fall in the hands of the cybercriminals – this can create a huge liability.
- Viruses or worms: These often require extra IT help to find the source and recover lost information. In addition, viruses will often ruin hardware and software, forcing you to replace damaged equipment.
What does cyber insurance cover? If you experience an attack you could be responsible for financial damage to third parties, fees and fines, forensic costs, legal fees, hardware replacement or even reputation rebuilding. While coverages can vary greatly depending on the policy, below is an outline of the coverages available through CFC Underwriters and exclusively available to IAMU Safety Group members. For additional detail click here. - Third-Party Liability: This covers the cost of notifying anyone affected by a data breach as well as costs associated with damages or settlements that have to be paid to those affected by a breach. In addition, our CFC Cyber policy includes coverage for media liability associated with alleged defamation or intellectual property rights infringement.
- First-Party Costs: This will cover legal costs associated with a cyber attack including settlements, government fines, or fees. In addition, our comprehensive policy includes coverage for system damage and rectification costs as well as income loss and extra expense associated with an attack.
- Cyber Crime and Extortion: While often not included on every policy, this coverage is standard with the IAMU Safety Group program and covers things like ransom demands, funds transfer fraud due to social engineering or phishing, as well as telephone hacking or customer payment fraud.
- Loss of Reputation: Sometimes called crisis management or reputational harm, this will cover the cost of repairing damage done to your reputation such as public relation costs and marketing costs associated with recovering from an attack.
If you’re concerned with the amount or availability of your existing coverage and would like a quote, please contact: Mark Stearns Account Executive Jester Insurance mstearns@jesterinsurance.comP. 515-350-7674 C. 515-631-0338
Tags:
Cyber Security
Insurance
Jester Insurance
Permalink
| Comments (0)
|
|
Posted By IAMU,
Wednesday, July 7, 2021
|
In recent months, an increased number of ransomware attacks have occurred against U.S critical infrastructure, including targeted attacks against the water sector. Ransomware as defined by DHS’s Cybersecurity & Infrastructure Security Agency (CISA) is “an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable.” Cybercriminals and state actors will leverage this technique to block access to these resources or threaten to publish any private or protected information to the public unless a ransom is paid.
In response to the pervasive ransomware threat, Anne Neuberger, Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology, issued the memo, What We Urge You to Do to Protect Against the Threat of Ransomware, in which she outlines five best cybersecurity practices. The Office of Water urges all water and wastewater facilities to adopt these basic practices to reduce the risk of a successful ransomware attack:
- Backup your data, system images, and configurations, regularly test them, and keep the backups offline: Ensure that backups are regularly tested and that they are not connected to the business network, as many ransomware variants try to find and encrypt or delete accessible backups. Maintaining current backups offline is critical because if your network data is encrypted with ransomware, your organization can restore systems.
- Update and patch systems promptly: This includes maintaining the security of operating systems, applications, and firmware, in a timely manner. Consider using a centralized patch management system; use a risk-based assessment strategy to drive your patch management program.
- Test your incident response plan: There’s nothing that shows the gaps in plans more than testing them. Run through some core questions and use those to build an incident response plan: Are you able to sustain business operations without access to certain systems? For how long? Would you turn off your manufacturing operations if business systems such as billing were offline?
- Check Your Security Team’s Work: Use a 3rd party (CISA will do this for free) to test the security of your systems and your ability to defend against a sophisticated attack. Many ransomware criminals are aggressive and sophisticated and will find the equivalent of unlocked doors.
- Segment your networks: There’s been a recent shift in ransomware attacks – from stealing data to disrupting operations. It’s critically important that your corporate business functions and manufacturing/production operations are separated and that you carefully filter and limit internet access to operational networks, identify links between these networks and develop workarounds or manual controls to ensure industrial control networks can be isolated and continue operating if your corporate network is compromised. Regularly test contingency plans such as manual controls so that critical functions can be maintained during a cyber incident.
Tags:
CISA
Cyber Security
Water
Permalink
| Comments (0)
|
|
Posted By IAMU,
Tuesday, January 12, 2021
|
From EPA’s Water Security Division news release, 1/6/2021
“EPA’s Water Security Division recently published the EPA Cybersecurity Best Practices for the Water Sector webpage. The new page contains cyber resilience resources available from EPA including the Water Sector Cybersecurity Brief for States, Cybersecurity Incident Action Checklist, Water Sector Cybersecurity Training and Response Exercises, and Water Sector Cybersecurity Technical Assistance Program. The webpage also provides information on available Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) Alerts, including for the recent SolarWinds incident.”
Tags:
CISA
Cyber Security
EPA
Permalink
| Comments (0)
|
|
Posted By IAMU,
Wednesday, December 23, 2020
|
From Kansas Municipal Utilities - KMU Dispatch - December 22nd, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises of U.S. government agencies, critical infrastructure entities, and private sector organizations and issued an alert. CISA said that it is aware of active exploitation of a vulnerability in versions of the SolarWinds Orion Platform software, and the agency expects that removing this threat actor from compromised environments will be highly complex and challenging for organizations.
CISA, which falls under the purview of the Department of Homeland Security (DHS), is encouraging affected organizations to read advisories from SolarWinds (https://www.solarwinds.com/securityadvisory) and FireEye (https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html) for more information. FireEye is a cybersecurity firm.
In its security advisory, SolarWinds said it was made aware that its systems “experienced a highly sophisticated, manual supply chain attack” on SolarWinds Orion Platform software builds. In the security advisory, SolarWinds offers several steps for parties to take related to use of the SolarWinds Orion Platform.
Meanwhile, DHS on Dec. 13 said that the relevant SolarWinds Orion products are currently being exploited by malicious actors. This tactic permits an attacker to gain access to network traffic management systems, DHS said. Disconnecting affected devices is the only known mitigation measure currently available, it said.
“CISA understands that the vendor is working to provide updated software patches. However, agencies must wait until CISA provides further guidance before using any forthcoming patches to reinstall the SolarWinds Orion software in their enterprise,” DHS said.
Utilities using the SolarWinds Orion platform software should follow the guidance from CISA as additional information becomes available. More information is available from CISA at: https://us-cert.cisa.gov/ncas/alerts/aa20-352a
Tags:
CISA
Cyber Security
SolarWinds
Permalink
| Comments (0)
|
|
Posted By IAMU,
Monday, October 19, 2020
|

Social media can be a great tool for business owners, but it also presents possible cybersecurity threats you might not think about. Below are 5 helpful tips to staying cybersecure while using social media for your business to implement during Cybersecurity Awareness Month.
Sincerely, 
Paul D. Pate Iowa Secretary of State
5 TIPS TO STAYING CYBERSECURE ON SOCIAL MEDIA
With every social media account you sign up for, picture you post, & status you update, you are sharing information about yourself with the world. Take these simple steps to connect with confidence & safely navigate the social media world.
1. NEVER CLICK & TELL Seemingly random details are all a criminal needs to know to target you, your loved ones, & your physical belongings. Keep personal information such as your full name, address, birthday, or even vacation plans off the Internet. Disable location services that allow anyone to see where you are, & where you aren't, at any given time.
2. REPORT SUSPICIOUS OR HARASSING ACTIVITY Work with your social media platform to report & possibly block harassing users. Report an incident if you've been a victim of a cybercrime. Local & national authorities are ready to help you.
3. THERE IS NO 'DELETE' BUTTON Just because you delete a post or picture from your profile seconds after posting, chances are someone still saw it.
4. UPDATE YOUR PRIVACY SETTINGS Set the privacy & security settings to your comfort level for information sharing. Disable geotagging, which allows anyone to see where you are, & where you aren't, at any given time.
5. CONNECT ONLY WITH PEOPLE YOU TRUST While some social networks might seem safer for connecting because of the limited personal information shared through them, keep your connections to people you know & trust.
These tips and tricks to help secure your business from cyber threats while on social media are provided by CISA. For more information about how you can Do Your Part to #BeCyberSmart, visit www.cisa.gov/ncsam
Tags:
Cyber Security
Social Media
Permalink
| Comments (0)
|
|