Festive season is prime cyber-crime time – how you can protect yourself and your business
Cyber crime has quickly grown to be a highly organised, eight-trillion-dollar industry globally in 2024. The festive season provides the ideal conditions for cyber criminals to strike – with electronic transactions increasing leading up to Christmas, and many businesses operating on reduced staffing and with ‘holiday’ processes in place over the Christmas and New Year period.
The good news is that there are steps you can take to minimise your risk of becoming a cyber attack victim. There is also now a range of insurance products and providers with cyber cover that can be tailored to fit most budgets to help you recover should cyber criminals strike.
I spoke to Fraser Walker from Emergence – one of our cyber cover providers – to get his insights into cyber crime and how cyber cover can help businesses and individuals.
What makes the festive season an attractive time for cyber criminals to strike?
We see cyber attacks aimed at businesses and consumers increase more than 150% during the peak holiday period.
Operating on reduced staffing levels means that usual business processes may not be followed (or are followed with less vigilance, or by less experienced staff) and this contributes to increased success in cyber crime attempts. Security protocols may also be relaxed, which increases vulnerabilities and opportunity for attack.
This is also a time of year where the volume of online transactions increases dramatically – meaning more chance of interception fraud. Businesses who operate websites and outward-facing IT are more at risk of attack and of copycat websites that trick unsuspecting online shoppers.
Over the holiday season we see increased instances of typosquatting. This is when cyber criminals use convincing but mistyped domains to impersonate a reputable online store. Because shoppers are generally in more of a hurry closer to December 25th, they focus less on the integrity of the website, and the payment gateways.
Businesses and commercial operations are generally in more of a hurry at that time of the year, and that’s when people let their guard down: when they miss the copycat domain or URL, or when they accept a multi-factor authentication (MFA) request on their device they didn’t even instigate!
What types of attack, from your experience, are most likely (or most increased) over the holidays?
Besides ‘typosquatting’ and email hacks / breaches, socially engineered theft is more prevalent during holiday periods. People expect to receive more emails at this time of year and are therefore more likely to open them. It’s important to remember that these days opening an email can be all it takes; in the past, cyber criminals were reliant upon the victim clicking a link or opening an attachment – this is no longer the case.
Phishing campaigns continue to be the most successful attack vector and, because there’s more online activity during the holiday season, there’s more opportunity to conduct these wide-scale campaigns. It’s worth noting that due to sophisticated machine learning and AI, victims no longer receive broken-English emails or messages. They’re now receiving highly convincing mimic emails with active links and QR codes which often redirect the victim to what looks and feels like the intended website they purchased the item on! These can either defraud the victim, or harvest their passwords and credentials for later attacks.
What steps can businesses take to reduce their risk of cyber attack?
Getting the basics right helps – having good cyber security software, processes and support in place (including use of Multi Factor Authentication) is essential. Educating staff and ensuring there are processes for them to follow to minimise risk, and report incidents quickly should they occur, is crucial. A comprehensive and regularly tested business recovery plan is also a ‘must have’ – not just for large businesses. Obviously, I also recommend looking into cyber insurance cover to help in management of the cyber incident and with the financial and reputational impacts that will likely follow.
What steps can individuals take to reduce their risk of cyber attack?
Updating (“patching”) software and operating systems regularly, using two-factor / multi-factor authentication, and using strong passwords all help. Staying informed is important; the CERT NZ website is a good resource.
How can cyber insurance help businesses / individuals recover from a cyber attack?
Cyber insurance offers a critical safety net for businesses in the aftermath of a cyber attack. It can provide financial support to cover the costs associated with data breaches – including legal fees, notification expenses, and public relations efforts to manage reputational damage.
Policies may also include cover for business interruption losses, helping businesses recover quickly from downtime. Additionally, many cyber insurance providers offer access to risk management resources and expertise, assisting businesses in implementing better security practices and improving their overall cyber resilience.
For individuals, cyber insurance can provide essential assistance in the wake of a cyber attack, such as identity theft or online fraud. These policies often cover costs related to restoring identity – including legal fees, credit monitoring services, and fraud resolution assistance. This support can significantly reduce the financial burden and stress associated with recovering from cyber incidents. With the rise of cyber threats targeting personal devices and online accounts, having cyber insurance enables individuals to take proactive measures, with many insurers offering resources to help policyholders enhance their personal cybersecurity awareness and practices.
How affordable, relative to the cost of an attack, is cyber insurance?
Classic insurer answer – this depends!
For businesses, I would say the cost of core cyber cover is inexpensive if you’re taking reasonable steps to secure your IT environment. You don’t need a ‘gold standard’ IT environment to access affordable premiums. If the Insurer believes you’re doing the basics, such as staff awareness training, regular back-ups, updating / “patching” software regularly, and good use of Multi Factor Authentication, then you can usually enjoy broad cover at minimal cost.
Importantly, when you buy cyber insurance, you’re also buying an incident response service – not just reimbursement. If cyber criminals gain access to your systems, they can, and will, quickly bring your entire infrastructure to its knees: stealing data (even when it’s in the cloud), deleting data, encrypting data and laptops, demanding ransom, altering invoices and conning your customers’ customers, manipulating systems, accessing payroll, or even using your processing power to mine for crypto (crypto-jacking) – amongst many other types of loss scenario.
With the level of sophistication (which is ever-increasing) of today’s cyber crime activities, if you believe the in-house ‘IT Guy’ can fix it solely, you’re probably wrong. And, while systems are under attack, businesses are unable to trade and earn any revenue (this is when Business Interruption is typically triggered on a cyber policy to pay for lost earnings).
In the personal cyber insurance world, premium costs are extremely inexpensive and can help you in many other ways than just cyber attacks.
If you’re interested in finding out more about cyber insurance, contact our Wealthpoint General Insurance team, or your local Wealthpoint Adviser.
These are his personal views and do not constitute personalised financial advice.