Logicalis logs at least 124 cyber attacks in Jersey so far in 2018

Friday 23 March 2018

A CI IT firm is warning that local organisations could be leaving themselves open to huge losses if they rely on insurance to cover damages from a major cyber-attack.

Logicalis have recorded 124 cyber attacks so far this year, and they fear that up to 80% of businesses would not be covered by their policies in the event of a cyber-attack.

Ricky Magalhaes, Managed Security Services Director, Logicalis, said: “Many companies think cyber insurance is an alternative to good cyber security practices, however, if you don’t have correct controls in place, your insurance will not cover you.

“Up to 80% of companies with cyber insurance are not following basic cyber security procedures, which means if they suffer a loss, it will be hard for them to claim because they have been negligent.”

So far this year, Logicalis says it has detected more than 124 cyber-attacks on Jersey companies - but they say this is just the tip of the iceberg.

Common attacks included hackers exploiting vulnerabilities in systems caused by organisations failing to install patches, or compromising systems because they were badly configured. Ransomware is a significant concern, and the number of Microsoft Office 365 Break-ins, where someone reads and edits emails without the user knowing, is growing.

A small number of companies also suffered a DDoS (Distributed Denial of Service) attack, where their internet bandwidth was hijacked. Logicalis also detected a significant number of cases where hackers have used credentials they’ve bought from the dark web to log in to systems.

Pictured: A breakdown of the cyber attacks recorded so far this year.

Mr Magalhaes said: “If you leave your house open and have break in, an insurance policy is unlikely to pay out. You need to be able to prove you locked the door, and prove that you had a break in. With cyber insurance, knowing that your data is up on the dark web is not proof that someone stole it. You need be able to identify the security breach, and prove that you took all the necessary steps to prevent it. If you are not diligent an insurer will not pay out.”

“A lot of cyber-attacks happen because of behaviour of staff, rather than because of the technology, which makes it very hard to assess risks. One thing is certain, though, the risks of cyber-crime are higher than ever.”