If organized cybercriminal gangs and the increasing number of business email hacks aren’t enough to keep risk managers up at night, cryptomining and fraudulent use of IT and telephony services are likewise on the rise, with cybersecurity firm Check Point recently reporting that organizations impacted by cryptomining malware doubled to 42% in the first half of 2018 alone. Anyone who’s been on the receiving end of a phone call that they’ve suspected is spam will recognize this new threat.
“What we’re witnessing is an evolution of an old-as-time business model of fraud and theft,” said Joshua Motta, founder and CEO of Coalition, a technology-enabled cyber insurance solution provider. “Criminals have basically been able to evolve their business models to now focus on committing fraud or stealing new things, and so in this case, that’s gaining fraudulent access to a company’s infrastructure, computational resources, and cloud services.”
Once they’ve got a grip on these resources, hackers can use them to mine cryptocurrencies or commit toll fraud, which includes the unauthorized use and charge for phone lines, equipment and services to make long distance phone calls, effectively monetizing their criminal access to these services while racking up costly bills for businesses.
The financial loss from the fraudulent charges can be in the hundreds of thousands of dollars, according to Motta, whose company has seen this firsthand through the businesses it’s worked with or quoted. If a cybercriminal gains access to an Amazon Web Services account because an employee lost their credentials and then uses the cloud computing services to mine Bitcoin, it’s the employer who’s left with the mess to clean up, and not the tech giant.
“They’re potentially on the hook to pay whatever charges were made under their account, and that’s something we’ve seen in other sectors as well – if you lose the credentials to your bank account and someone is able to fraudulently wire money from the bank account, it’s not necessarily the bank that’s responsible,” said Motta, adding that the risk is multiplied across every business service, telephony system, software, and cloud service a company utilizes. “Any unauthorized use that can drive up a charge or a liability, that business experiences something they could be out of pocket for.”
The ideal victims of hackers engaged in cryptomining and fraudulent use are wide-ranging – in fact, Motta believes that all companies can be targeted.
“It’s for the simple reason that given this particular business model, the criminal is agnostic to who the target is,” he explained. As long as a company has access to computational resources, to telephony systems, to any type of service where its use can benefit the criminal, then they are by definition a target, though Motta added that small and medium-sized businesses are more susceptible to losses.
“They tend to have fewer controls and protective actions to prevent unauthorized access, and that makes them much, much easier targets to go after,” he said, adding that the sheer volume of SMEs also makes them prime targets since there are more of them to hack.
Coalition’s new Service Fraud coverage reimburses organizations for financial losses they incur through the wave of cyberattacks involving the fraudulent use of software, networks, telephony services, and infrastructure as well as traditional forms of fraud, including telecom toll fraud. As cyber risks take on new forms, Motta told Corporate Risk and Insurance that the industry has no choice but to evolve and help insureds protect against major losses.
“Insurance companies have to innovate, have to create [offerings] that provide coverage for the exposures that their clients have because if they don’t, their competitors will and insurance, like every other industry, is subject to competition and is subject to the forces of innovation,” he said.