Cyber Extortion and what it means to a CPA Firm.
There has been a great deal of buzz about Net Protect, Cyber PLUS, Web Coverage and a variety of new enhancements being promoted by various insurance companies.
Many of these “new” coverage features are a great leap in the right direction to provide affirmative coverage for CPAs and liability arising from web based activities, hacking attacks or loss or theft of client sensitive data. Many insurers, like CNA/AICPA program and CPAGold™ have offered legal liability from Electronic Media perils or Client Identity Theft for a number of years. Coverage for Breach Notification and client credit record monitoring (often described as first party coverage) is also a usual part of the coverage and limits of up to $50,000 in costs are available.
Certain specialist professional liability agents have also made available to clients a specific Cyber policy that can expand the range of coverage to include damage to network assets, cyber terrorism and cyber extortion. For the average CPA, the most important additional coverage may be coverage for the expenses and monies resulting from cyber extortion.
Cyber extortion. occurs when a hacker breaks into a CPAs computer network and installs a malicious computer code commonly known as ransomware. A threat is then made by the hacker that demands the CPA pay money or the hacker will release, divulge, disseminate, destroy or use the CPAs client’s confidential information, or alternative dame the CPAs computer system, restrict access of cause
Many people saw the episode of “The Goodwife” where an overseas hacker attempted to blackmail a law firm into paying a ransom. The firm was able to prevail and catch the bad guys, but invariably this does not happen.
A recent article demonstrates the usual pattern of events: http://gulfnews.com/xpress/dubai/courts-crime/hacker-holds-uae-bank-to-ransom-demands-3m-1.1626394
In this case, the hacker is reportedly seeking a $3 million ransom. It is unclear how the criminal was able to access the bank’s servers, but the bank was threatened with release of client confidential information. The criminal has leaked information onto public forums every few hours and has caused the bank significant embarrassment and client distress. The hacker said that he will not stop until the bank pays him the ransom money in digital currency Bitcoin The hacker even offered to bride journalists that has reported on the incident.
The investigation continues.
Most professional liability policies don’t provide coverage for Cyber Extortion. It is a new and evolving coverage concept and insurers have yet to fully understand how to underwrite this risk. The exception to this is CPAGold™ where we have included cyber extortion to the new cyber enhancement endorsement that is available to all member of the program as filings are approved in each State. Coverage is free for limits of up to $50,000 and can be increased to $500,000 per loss and $1,000,000 a policy aggregate.
This is an innovative coverage feature of a professional liability policy and details may be obtained from your insurance agent or by contacting Rickard Jorgensen on (201) 345 2440.
Details of Cyber coverage provided by CPAGold™ is described in http://cpagold.com/cyber-coverage-provided-via-your-cpagold-policy/.