The UK government suspects China is behind the cyber-attack that targeted the names and bank details of current and former British military personnel.
The hack accessed a Ministry of Defence contractor’s IT system that was not linked to the MoD’s central network. A small number of addresses were also on the system.
An initial investigation by the MoD found that while the system had been breached, there was no evidence that any personal information had been copied or “removed” from it.
The Cabinet Office and private security specialists have been called in to assist with the MoD investigation. It is reported that a private security company has also been commissioned to monitor the internet in case any information has been successfully removed from the contractor’s IT system and is leaked online.
It comes after Chinese “state-affiliated actors” were blamed by the government for two “malicious” cyberattack campaigns in the UK between 2021 and 2022.
This latest attack signposts the ongoing threat from cyber criminals and states who target vital information and highlights the need for specialist insurance protection.
Mark Dutton, director W Denis said: “In the UK, only 15% of small to medium sized organizations have purchased cyber insurance protection. Those without cover often state that the reason for not buying cyber insurance is because they’re confident in what their IT dept has done to secure their business.
“However the MoD breach demonstrates that even the most sophisticated forms of cyber security can be vulnerable. A successful cyber-attack against an SME could be catastrophic to its balance sheet and reputation.
“For those businesses that do buy cyber insurance, they have the peace of mind of not just having a strong insurer to pay for the covered losses but receive immediate access to essential cyber incident response services (which form part of the offering provided by the insurer insurance policy), giving 24/7 access to help and support to triage incidents and minimise the disruption. “
Last year, the government published an updated version of its long-term defence strategy which said the use of “commercial spyware, ransomware and offensive cyber capabilities by state and non-state actors has proliferated”.
Cyber policies offered by W Denis provide more than just insurance, they are inclusive of additional services which help to mitigate the impact of a data breach/hack etc, including PR services to manage the crisis, forensics to investigate the root cause and expertise to eradicate the issue. Locked systems and ransomware can be catastrophic to a business. Prudent risk managers who buy comprehensive cyber insurance gain access to a wide range of support services to help the business in the event of a claim in addition to ransomware payment negotiations.
To discuss this further with a broker at W Denis, please make arrangements with Daniel Moss at daniel.moss@wdenis.co.uk or on 0044 (0)113 2439812 or contact Mark Dutton at mark.dutton@wdenis.co.uk or on 0044 (0) 7831 366 469
