Liga Asuransi – Dear readers, how are you? I hope your business is running well as planned.
As a senior insurance broker, I tell our clients, “Accidents can happen anywhere, anytime, and to anyone.” That proved true in a recent cyber incident in Indonesia. Cyber risks are the most significant threats to business in the future.
On Monday, 8 May 2023, social media reports said that the mobile banking and ATM networks of state-owned bank PT Bank Syariah Indonesia Tbk (BRIS), or BSI, had experienced disruptions from which they had yet to recover fully. The Minister of State-Owned Enterprises (SOEs), Erick Thohir, stated that the disruption was caused by a cyberattack on Indonesia’s largest Islamic bank.
Erick explained that BSI was repairing the system, but the repair work coincided with a cyber-attack that took the system down for almost a day. Although he did not know the details of the attack, Erick, together with BSI President Director Hery Gunardi, continued to monitor the BSI system disruptions.
According to Erick, three days before the disruption occurred, he had just met with Hery Gunardi to discuss the bank’s IT system. However, the disruption occurred suddenly.
Erick and Hery Gunardi continue to monitor this problem to ensure the BSI system returns to normal. This incident shows the importance of cybersecurity protection in the banking system in Indonesia and the need for measures to prevent similar attacks in the future.
THE ROLES OF CYBER SECURITY AND CYBER INSURANCE
The recent incident involving the disruption of the Bank Syariah Indonesia (BSI) banking system highlights the importance of cyber security and insurance. Cybersecurity is critical in the banking industry as financial institutions are vulnerable to cyber threats such as phishing, malware, and ransomware attacks. Such threats can lead to financial loss, reputational damage, and regulatory fines.
In this regard, robust cybersecurity measures are necessary to protect sensitive financial data and ensure the continuity of banking operations.
Cyber insurance is also essential in mitigating the economic impact of cyber threats. Cyber insurance covers cyber-attack losses, including business interruption, data breaches, and liability claims.
Cyber insurance can provide financial protection for financial institutions, allowing them to respond to and recover from cyber-attacks more efficiently. It can also incentivize companies to invest in cybersecurity measures, as insurance companies often require specific security protocols to be in place before providing coverage.
Cyber security and cyber insurance are essential components in the banking industry, where protecting financial data and ensuring the continuity of banking operations is critical. Implementing robust cybersecurity measures and having cyber insurance in place can help financial institutions prevent, mitigate and respond to cyber threats, ultimately safeguarding their customers’ interests and reputations.
WHAT ARE THE POSSIBLE CAUSES OF THE DISRUPTION?
What type of cyber-attack disrupted the Bank Syariah Indonesia (BSI) banking system is still unclear. However, cyber-attacks can take various forms, including:
- Malware
Malicious software designed to infect computer systems and disrupt or damage their operations.
- Ransomware
A type of malware that encrypts files on the targeted system and demands a ransom payment in exchange for the decryption key.
- Phishing
An attempt to steal sensitive information, such as login credentials and financial data, by tricking users into clicking on links or opening attachments in email messages that appear to be from legitimate sources.
- DDoS
Distributed Denial of Service attacks overwhelm a website or network by flooding it with traffic from multiple sources, causing it to crash or become unavailable.
- Insider Threat
An employee or insider with access to sensitive systems could intentionally or unintentionally cause a security breach, leading to a cyber-attack.
It is important to note that cyber-attacks can be sophisticated, with attackers using a combination of techniques to achieve their objectives. The specific cause of the cyber-attack on BSI may be challenging to determine.
Still, robust cybersecurity measures are needed to prevent future attacks and protect sensitive financial data.
RANSOMWARE IS A POSSIBLE CAUSE, A CYBER EXPERT SAID
Ransomware is malicious software that encrypts files on a computer or network and demands a ransom payment for the decryption key.
In the case of BSI, if ransomware were indeed the cause of the cyber-attack, it would mean that the attackers were able to gain access to the bank’s systems and encrypt its files, demanding a ransom in exchange for the decryption key.
It’s important to note that paying the ransom does not guarantee that the attackers will provide the decryption key, and paying may encourage further attacks. Therefore, organizations must implement adequate cybersecurity measures to prevent and mitigate the impact of ransomware attacks.
Here’s how a ransomware attack typically happens:
Ransomware is introduced to the system through a phishing email or malicious link or by exploiting a vulnerability in the system.
Once the ransomware is installed, it encrypts files on the system, making them inaccessible to the user.
- Ransom note
The attacker displays a message demanding payment in exchange for the decryption key. The note often includes a countdown timer and a threat to delete the files if the ransom is unpaid.
The attacker demands payment in cryptocurrency, such as Bitcoin, to make tracing difficult. The victim is instructed to transfer the amount to a specific Bitcoin wallet address.
Once the ransom is paid, the attacker provides the decryption key to the victim, allowing them to access their files.
THE BEST SOLUTION FOR THE BSI SITUATION
To solve the situation of the cyber-attack on Bank Syariah Indonesia (BSI), the following solutions can be considered:
- Conduct a thorough investigation.
The bank needs to conduct a thorough investigation to determine the root cause of the cyber-attack and the extent of the damage caused. This will help to identify vulnerabilities in the bank’s IT systems and implement measures to prevent future attacks.
- Implement robust cybersecurity measures.
The bank should implement strong cybersecurity measures, including firewalls, anti-virus software, intrusion detection and prevention systems, and two-factor authentication. Regular security audits and penetration testing can also help to identify and address vulnerabilities.
- Educate employees and customers.
Employees and customers should be educated on the importance of cybersecurity, including identifying and reporting suspicious activity, creating strong passwords, and avoiding phishing scams.
- Develop a cyber incident response plan.
The bank should have a well-defined and tested incident response plan to minimize the impact of a cyber-attack. The plan should include procedures for detecting and containing an attack and restoring IT systems and services.
- Consider cyber insurance.
Cyber insurance can provide financial protection during a cyber-attack, covering the costs of investigating and responding to the attack and any damages and losses incurred.
By implementing these solutions, BSI can enhance its cybersecurity posture and reduce the risk of future cyber-attacks.
HOW ABOUT THE DISRUPTED DATA?
Data recovery should be a top priority if the Bank Syariah Indonesia (BSI) has experienced data disruption or loss due to the cyber-attack. The bank should have backup systems to restore critical data during a cyber-attack. Data recovery may be more challenging if the attack also affects the backup systems.
In such a scenario, the bank should engage data recovery experts to attempt to retrieve any lost data. The experts may be able to restore data from backup systems or use specialized tools to recover data from damaged hardware. It is important to note that data recovery can be a time-consuming and expensive process, and there is no guarantee that all lost data can be recovered.
To prevent future data loss, the bank should review its data backup and recovery procedures and ensure they are robust and effective. It may also be necessary to implement additional measures, such as data encryption and access controls, to protect sensitive data from unauthorized access and theft.
WHAT IS THE COVERAGE OF CYBER INSURANCE?
The coverage of cyber insurance varies depending on the policy and insurer, but generally, cyber insurance provides coverage for the following:
- Data breaches
Cyber insurance can cover the costs associated with data breaches, including investigating the breach, notifying affected parties, and providing credit monitoring services.
- Business interruption
Cyber insurance can cover lost income and other expenses associated with a cyber-attack that causes a business interruption.
- Cyber extortion
Cyber insurance can cover the costs associated with cyber extortion, such as ransomware payments.
- Privacy liability
Cyber insurance can cover the costs associated with a privacy violation, such as legal fees, settlements, and damages.
- Network security liability
Cyber insurance can cover the costs associated with a network security failure, such as legal fees, settlements, and damages.
- Media liability
Cyber insurance can cover the costs of a media liability claim, such as copyright infringement or defamation.
It is important to note that cyber insurance policies can vary significantly in terms of coverage and exclusions, so it is essential to carefully review policy terms and consult with an insurance professional to ensure that the policy meets the specific needs of the organization.
WHAT INFORMATION IS REQUIRED TO ARRANGE CYBER INSURANCE?
The underwriting information needed for cyber insurance varies depending on the insurer and policy, but generally, insurers will request the following information:
Insurers will request basic information about the company, such as its legal name, address, and industry.
- Cybersecurity posture
Insurers will request information about the company’s cybersecurity posture, including its cybersecurity policies and procedures, employee training programs, and risk management practices.
- IT systems and controls
Insurers will request information about the company’s IT systems and controls, such as the types of hardware and software used, network architecture, and security controls.
- Data inventory
Insurers will request information about the company’s data inventory, including the types of data stored, the location of data, and how data is protected.
- Incident response plan
Insurers will request information about the company’s incident response plan, including who is responsible for managing a cyber incident, how incidents are detected, and how incidents are resolved.
- Previous cyber incidents
Insurers will request information about any previous cyber incidents the company has experienced, including the nature of the incident, the impact of the incident, and how the incident was resolved.
Insurers may also request additional information based on the specific policy and coverage being underwritten. Organizations must be transparent and provide accurate and complete information to insurers to ensure they receive appropriate coverage and avoid potential coverage disputes during a cyber incident.
WHY DO COMPANIES NEED AN INSURANCE BROKER TO ARRANGE CYBER INSURANCE?
Banks, like any other organization, may benefit from working with an insurance broker to arrange their cyber insurance coverage. There are several reasons why a bank may choose to work with an insurance broker:
Insurance brokers are experts in the insurance industry and have specialized knowledge of the types of coverage available, the policies and terms offered by different insurers, and the potential risks and exposures facing banks.
- Access to insurers
Insurance brokers have relationships with multiple insurers and can help banks to access a broader range of insurance options than they might be able to on their own.
Insurance brokers can work with banks to customize their cyber insurance coverage to meet their specific needs and risk profile. They can help to identify gaps in coverage and recommend policy terms and limits that will provide appropriate protection.
Insurance brokers can negotiate with insurers on behalf of banks to secure favorable policy terms and pricing.
- Claims support
In the event of a cyber incident, insurance brokers can provide claims support and advocacy to help banks navigate the claims process and maximize their recovery.
Working with an insurance broker can help banks better understand their cyber risk exposure and secure appropriate coverage to protect against potential losses.
One of the leading insurance brokers in Indonesia focusing on Cyber Insurance is L&G Insurance Broker.