[BreachExchange] Underwriting agency hit by cyber attack

Destry Winant destry at riskbasedsecurity.com
Fri Jun 14 09:38:05 EDT 2019 

https://insurancenews.com.au/daily/underwriting-agency-hit-by-cyber-attack

Underwriting agency ProRisk has been hit by a serious cyber attack,
forcing a shutdown of systems for several days.

Executive Director Hamish McDonald-Nye told insuranceNEWS.com.au today
that a phishing attempt seeded malware onto the company’s network at
the weekend, and the system was shut down to isolate the issue and
protect client data.

“It initially looked containable but then became apparent that it was
more significant,” he said.

“Malware is developing all the time and what we appear to have is
something very, very new. It is a tough call to make, but we enacted a
controlled shutdown to limit any spread.

“Our IT advisers are currently working round the clock on getting us
back up online and trading.

“We would like to assure the market that based on our investigations
to date it is apparent that no client information has been
compromised.”

Mr McDonald-Nye says the incident proves cyber attacks “can happen to anyone”.

“We had a whole lot of precautions in place which we had recently
reviewed, and backups in place. This makes you realise just how
challenging [the cyber threat] can be.”

Mr McDonald-Nye says that despite systems being down, policy renewals
will be held on cover and instructions to bind cover will be honoured.

“We have outstanding capacity providers and we are receiving great
support from all of them,” he said.

Specialist motor underwriting agency Armada, which Mr McDonald-Nye
also runs, has been affected, but to a lesser extent.

Mr McDonald-Nye says ProRisk will launch a cyber product later this
year, and the lessons from this attack “will be invaluable”.

“This incident reinforces the need for cyber security and cyber
insurance as an essential part of an organisation’s information
security and risk posture,” he said.

“ProRisk and Armada invested heavily in information security, which is
why we were able to identify the incident at the earliest opportunity
and act to isolate it so quickly.

“While it may take some time to get back to business as usual, the
incident serves as a reminder to the broader market to continue to
invest in cyber resilience.”

It is not known when ProRisk systems will return to normal, but
alternative emails have been set up. More details at
www.prorisk.com.au

More information about the BreachExchange mailing list