Webber Insurance Services Webber Insurance Services
Talk to an insurance broker

1300 932 237

Menu
  • Home
  • About
    • About Us

      Read more about our Business and Partners.

      Find out more about the team at Webber Insurance, what our clients say and who we partner with to enable us to provide you with superior insurance products.

      Contact Us
      • About Us
      • Webber Insurance Group
      • Steadfast Insurance
      • Testimonials
    • Close
  • Blog
    • Blog Posts & Ultimate Guides

      Read our latest blog posts plus get further information on key topics in our ultimate guide pages.

      At Webber Insurance, we work to expand our clients understanding of a wide range of business risk management topics

      Latest Blogs
      • Ultimate Guide – Data Breach Notification
      • The Ultimate Guide to Cyber Insurance
      • Data Breaches In Australia
    • Close
  • Products
    • Insurance Products

      We will find you the right insurance product for your business.

      Use a qualified Insurance Broker to ensure that you have an insurance program that is tailored to your specific needs.

      Quick Quote
      • Asbestos Liability
      • Building Indemnity Insurance
      • Business Insurance
      • Commercial Legal Protection Insurance
      • Contract Works Insurance
      • Contractors Insurance
      • Corporate Travel Insurance
      • Cyber Insurance
      • IT Liability Insurance
      • Management Liability Insurance
      • Medical Indemnity Insurance
      • Plant & Equipment Insurance
      • Professional Indemnity Insurance
      • Public & Products Liability
    • Close
  • Occupations
    • Occupations

      We can source insurance for all kinds of occupations.

      As a specialist insurance broker, we have access to a range of local and overseas insurers who are capable of assisting with risks; large or small for all occupations

      Quick Quote
        • Accounting Insurance
        • Architect Insurance
        • Building Designer Insurance
        • Building Inspector Insurance
        • Consultants Insurance
        • Energy Raters Insurance
        • Engineers Insurance
        • Labour Hire / Recruitment
        • Project Management Insurance
        • Real Estate Agents
        • Tradesman Insurance
    • Close
  • Schemes
    • Schemes

      Insurance schemes for various occupations and industries.

      Webber Insurance has a number of insurance schemes that we have developed for specific industries and occupations.

        • ABSA TPA Assessors
        • Building Designer Association Australia (BDAA)
        • Building Design Queensland (Formerly BDAQ)
        • Building Designers Association WA (BDAWA)
        • Building Designer Insurance
        • Design Matters National (Formerly BDAV)
        • Energy Raters Insurance
    • Close
  • FAQ’s
  • Get a Quote
    • Get A Quote

      We work to simplify the insurance process for our clients.

      Complete one of our online proposal forms today to receive a quote for your insurance requirements

      Get A Quote
      • Annual Contract Works
      • Asbestos Liability
      • Cyber Insurance
      • One Off Contract Works
      • Professional Indemnity
      • Public Liability
      • Architects
      • Building Designer
      • Consultants
      • Engineers
      • Plant & Equipment
      • Tradesman
      • Accountants
      • Commercial Legal Expenses
      • Corporate Travel
      • IT Liability
      • Management Liability
      • Project Manager
    • Close
  • Claims
  • Contact
Webber Insurance Services Webber Insurance Services
Call Menu
  • Get a Quote
  • Make a Claim
  • Professional Indemnity Insurance
  • Products
    • Asbestos Liability
    • Business Insurance
    • Cyber Insurance
    • IT Liability Insurance
    • Contractors Insurance
    • Management Liability Insurance
  • Occupations
    • Accounting Insurance
    • Architect Insurance
    • Building Designer Insurance
    • Building Inspector Insurance
    • Consultants Insurance
    • Engineers Insurance
    • Energy Raters Insurance
    • Labour Hire & Recruitment Insurance
    • Real Estate Agents
    • Tradesman Insurance
  • Schemes
    • ABSA TPA Assessors
    • BDAA
    • BDAWA
    • Building Design Queensland
    • Design Matters National
    • Energy Raters Insurance
  • Contact
  • FAQ’s
  • About
    • Testimonials
  • Blog
    • The Ultimate Guide to Cyber Insurance
Apr 24
Cyber Security

What Did We Learn from the Distribute.IT Hacking Incident?

  • April 24, 2014
  • Chris Webber
  • Insurance News

In June of 2011, web hosting provider Distribute.IT suffered one of the most malicious cyber-attacks to occur in Australia. The hackers launched a highly sophisticated and coordinated attack on the Distribute.IT servers. The hackers compromised the data, websites and emails stored on four of their servers, as well as destroying all backups that would have allowed the business to restore the websites of their clients.

Such was the damage caused by the hackers that the information was deemed unrecoverable, resulting in approximately 4,000 websites disappearing with no chance of recovery. Despite every effort by Distribute.IT to recover from this devastating incident, the company was forced out of business, selling their assets to fellow online provider Netregistry.

This occurrence launched cyber security back into the spotlight and as recently as this month, it has been discovered that the ‘Heartbleed’ bug has left countless websites exposed through a flaw that allows harmful sources to access a website’s data including passwords, credit card details and usernames.

Now more than ever, it is imperative that businesses are prepared and protected against potential cyber threats, but where do you start?

Ensuring Your Business Is Prepared

In a time where businesses are conducting a significant amount, if not all of their business activities online, it has become apparent that the requirement for increased cyber security measures is necessary. In the case of Distribute.IT, the business was “technically pretty solid when it came to security” according to Edward Farrell of security consulting company, HackLabs, however “it is not purely about a backup or a protective measure, rather the business needs to understand from all facets what they’re likely to encounter during a cyber event”.

“The maturity of resilience of a business is extremely important’ says Mr Farrell. “Is it important for a business to assess if they are doing the right things now in terms of cyber security, and can they sustain this level of performance during times of stress or as environments and risks change”.

It is therefore recommended businesses perform a number of assessments to ensure they are adequately protected against cyber threats. According to Mr Farrell, penetration testing may have assisted Distribute.IT in identifying any vulnerabilities and their consequence. By carrying out the testing, “businesses can evaluate response systems to these potential threats and the security of their network”.

James Crowther of London Australia Underwriting agrees. Constantly reviewing and testing security processes to keep up with continuous advancements in threats is essential in addition to having a robust defence system.

“A good way to do this is to engage a third party security firm to conduct a security audit. Such an audit could be designed to highlight weaknesses in the network and recommend additional risk management processes”.

As well as engaging companies who specialise in ‘ethical hacking’, Mr Farrell notes that while backing up plays a role in preparing from cyber threats, it “only forms a small part of the greater picture”.

Risk Management Strategy

Mr Crowther has suggested a number of ways businesses can adequately protect themselves from potential cyber attacks as a part of their risk management strategy:

  • Ensure your data is backed up at a secure offsite facility
  • Understand your critical IT service providers network security. Is there an external security audit conducted?
  • Look at your service providers contract. Are there limitations to your right of indemnity under contract?
  • Have an annually tested business continuity plan in place
  • Always remember you get what you pay for!

Recovering From A Cyber Attack

As seen in the case of Distribute.IT, as well as suffering a significant blow to their business through the loss of data from the four servers, the media backlash that resulted was just as crushing for the business.

PR and Brand Management

“How they were viewed publicly caused the biggest downfall, namely the Twitter meltdown and the subsequent reaction from the Australian Communications and Media Authority” says Mr Farrell.

“Technically, Distribute.IT did everything they could to recover the websites however damage was done to their reputation and as a result, lost their authority to function as a domain name registrar”.

This again highlights the importance of implementing effective response systems, including PR to handle any potential media backlash.

Cyber Insurance

Whilst also having the correct systems in place to ensure your business is protected from potential cyber threats and the events that may follow if a cyber threat materialises, Mr Crowther suggests businesses consider Cyber Insurance as a part of their risk management plan.

“Cyber Insurance is designed to cover network and information security breaches, and the consequential loss that an organisation suffers whether it is civil liability arising from a breach of security or privacy brought by a client of the policyholder or loss of business income and other costs such as public relations, forensic investigation, legal and customer support to name a few, which are incurred by the policyholder due to a security breach”.

While Mr Crowther agrees damage to the brand may have been catastrophic, “an insurance policy could have certainly provided the compensation needed to protect the business and shareholders from financial ruin”.

Heartbleed

At current, many businesses who operate using the OpenSSL software are at risk to Heartbleed. Mr Farrell suggests it’s not unreasonable to assume that if you have an internet based system that is vulnerable to Heartbleed, that you have already been attacked.

“To identify if a system you own is vulnerable, an organisation such as HackLabs would be happy to verify this, or provide assurance that the organisation is not affected”.

If you find your business has been compromised by the Heartbleed, Farrell suggests the following measures are taken:

  • Patch OpenSSL (or the affected software) to the latest version
  • Reissue the private certificate on the affected service
  • Force all systems users to change their password and;
  • Evaluate the likelihood that internal or associated systems have been compromised as a result of this

With the staggering statistic resulting from a study carried out by Symantec last year that 63% of small to medium enterprises experienced an attack in 2013, it has become apparent the dire necessity to ensure your business is protected and prepared for any type of cyber threat.

Not doing so could result in disastrous consequences to your business and its reputation as demonstrated by Distribute.IT.  Mr Crowther highlights, “organisations must treat network security as a serious risk, or they will become a statistic”.

HackLabs have kindly offered to assess any internet facing systems for Heartbleed free of charge for readers of this article. Please contact HackLabs for further information.

View the full transcripts of our discussions with Edward Farrell from HackLabs and James Crowther of London Australia Underwriting.

  • Facebook
  • Twitter
  • Tumblr
  • Pinterest
  • Google+
  • LinkedIn
  • E-Mail
blank

About The Author

Chris Webber is the Director of Webber Insurance Services. Chris has been in the insurance industry for almost 15 years and is an SME business insurance specialist. The information on this blog and website is of a general nature only. It does not take into account your individual financial situation, objectives or needs. You should consider your own financial position and requirements before making a decision. We recommend you consult a licensed insurance broker in order to assist you.

Comments are closed.

[google-reviews-pro place_name=’Webber Insurance Services’ place_id=ChIJCdEpL7_OsGoRZ1anX5zt5sw rating_snippet=true view_mode=badge_inner lazy_load_img=true]

Recent Posts

  • Daniel Webber Named Winner of 2022 Elite Broker Award
  • Advisr Insurance Broker Awards 2021 – Daniel Webber Named Finalist
  • Nikia Goers Announced as Young Professional Broker of the Year Finalist
  • Daniel Webber Named Elite Broker for 2021
  • Daniel Webber Named Advisr’s Top South Australian Insurance Broker of 2020
  • Changes To Registration Requirements For Business Use Drones
  • We’ve Moved! Webber Insurance Services Office Relocation
  • NSW Building Designer Registration – An Update From Webber Insurance
  • Wimbledon To Receive $141 Million Insurance Payout Due To Cancellation
  • BDAA Hole In One Challenge

Contact us

  • Make an enquiry
  • Get a Quote
  • 1300 932 237
Webber Insurance Services
blankblankblank
  • Terms of Use
  • Privacy Policy
  • Financial Services Guide
  • Complaints & Disputes Handling
  • Code of Practice
© Copyright 2021 Webber Insurance Services

328A Magill Road, Kensington Park SA 5068

Webber Insurance Services Pty Ltd | ABN: 88 648 036 929 | CAR No: 413233

Authorised Representative of Webber Insurance Group Pty Ltd | AFSL: 488465 | ABN: 70 612 339 894 All rights reserved

Request Insurance Advice

Have a question or need advice from a qualified insurance broker?