May 15, 2024 • 30 mins
In this engaging episode, we bring to light the realities and intricacies of cyber threats and the ins and outs of cyber insurance policies through an insider's perspective from renowned industry veteran, John Loyal. As a partner with Cipriani and Werner, Loyal provides valuable insights drawn from his extensive experience in managing countless cyber cases.
Discover how Loyal interprets the shifting landscape of ransomware attacks and shares crucial advice on essential readiness. The episode delves deep into topics like the reality of ransomware, the importance of understanding system vulnerabilities, and the need for a comprehensive cyber insurance policy, drawing on Loyal’s knowledge and experience.
Listen as he explains the differences between cyber and crime insurance, underlining various scenarios where each is applicable. He extends the discussion to policy exclusions, emphasizing the need to fully understand one's coverage.
Provided within this episode is also an enlightening discussion on the evolution of ransomware attacks, their growing sophistication, and the crucial role of backup systems on preventing data leaks. This episode is a treasure trove of knowledge for any business navigating the cyber world and seeking insights and guidance for optimal protection from threats.
We also delve into the vastly dangerous realm of the internet and the ghastly security threats lurking therein. The episode highlights the unsettling reality of everyone being a potential target for cyber threats, irrespective of profession or industry. We reveal the shocking truth of each individual's information susceptibility to misuse by those with malevolent intentions.
Join us as we shed light on sectors increasingly targeted by cyber-attacks and discuss the continuous evolution of cyber threats in varying geographies and the potential repercussions of deficient cybersecurity measures. The episode wraps up by offering listeners practical tips to guard against new threats and protect their digital assets better. Step into the thrilling, at times chilling, world of cyber security with us.
Cipriani & Werner | (c-wlaw.com)
https://www.linkedin.com/company/cipriani-&-werner-pc
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:00):
All right. We've got a great show today. We are joined by one of the industry's
most desirable men when it comes to the knowledge about cyber.
My buddy, John Loyal, thanks for joining us today. How are you?
Samantha, how are you? Thanks for having me. I appreciate it. I'm revved up.
So you're a partner with Cipriani and Werner, and you and I got to know each
other pretty much under the worst circumstances because I was the call in the
(00:24):
middle of the night with, hey, my world's on fire. My business has been attacked.
You had mentioned when we met, we were going to have the fastest relationship.
We were going to get married before we even dated, right? We were going to have
the speed round for the next seven days.
And it was chaos. It was crazy. But you really helped kind of hold our hand through the process.
So first of all, Well, I never actually got a formal chance to say thank you. So thanks.
(00:47):
But now I'm excited to really open up and talk about your seat on the lawyer
side of this equation when it comes to a cyber claim. So what is going on out there?
A whole lot. That's for sure.
Listen, ransomware is real, right? It is just not what you see on the front
page and you say, well, that can't possibly happen to me, right?
(01:11):
It's happening to anyone who has a vulnerability, which is mostly everybody
that is working in the cyberspace that has an internet connection, basically, right?
The bad guys, they want to do bad things. And for them, it's just the business,
right? It's not personal.
It's not targeted. In most cases, it is we've discovered a vulnerability within your system. them.
(01:36):
And we're going to leverage that to the fullest extent to make your life as
painful as possible, and for us to make money off of this equation.
And that's it. And we're dealing with a lot of bad guys out there.
And their tactics are changing.
They're developing every single day. And the minute we get in front of it,
they discover a new vulnerability, and everybody is back to square one.
(01:59):
So right now, we are seeing my firm alone, loan, we're seeing about 15 to 20
ransomware attacks a week. Wow.
So we're going to see well over, you know, probably close to about 300,
400. And that's just my, that's just my law firm alone, right?
Well, we're also seeing a lot of this business email compromise,
which actually in a lot of ways is a lot more scary because it's not sexy, right?
(02:23):
It's not making the front page news, right?
What the business email compromise is designed to do is get into your email
environment, find an invoice.
You're going to owe company X $300,000 as part of your normal services.
The bad guy finds that invoice, they change the instructions,
and now that $300,000 is gone in the wind.
(02:45):
And by the time you even discover what happened, the bad guy's got the money
out of his bank account, the bad
guy's taken that money out of the bank account, and that money is gone.
And there's no law enforcement or there's no banker that's going to be able to recover these funds.
And again, it's just business. These bad guys aren't personal.
They were able to get your email credentials and you were just the next on the
(03:10):
list and they were able to conduct their fraudulent attack.
And they're sending it out to everybody. And when we had our moment,
it was an Amazon email that looked super legit.
You've seen DocuSign, you've seen your banks, you've seen so many different
ones that are out there and it's just being at the wrong moment at the wrong
time and clicking the wrong link.
So that's problem one. one in three Americans, one in three businesses is going
(03:34):
to have a, you know, cyber breach moment throughout their lifetime,
which is a big, big number.
And, you know, the cyber insurance product is there obviously to help protect,
you know, you as an individual and also you as a business.
You know, some of the bonuses of a cyber policy, you know, when you're looking
at an insurance professional like our audience, you know, and they're trying
(03:56):
to find ways to help businesses. I mean, how important is a cyber insurance policy from your seat?
You need it. Yeah. You need it. These are expensive.
Every part of this process is expensive. So let's even take out the legal part of this, right?
The first step of any cyber incident, for lack of a better term,
(04:16):
is you have to investigate to figure out exactly what is going on, right?
To figure out your five W's and your one H, right?
So now your first step in the process is bringing in a computer forensic expert
that's got a lot more knowledge than most of your internal IT folks that are
really doing these types of investigations for a look. They are not cheap.
(04:40):
But their services...
Are what's typically covered under the terms of the cyber policy, right?
So if they're coming in, I can tell you, most of these firms are not doing these
types of investigations for what we less than about $25,000, $50,000 or so, right?
So it's very, and depending on your size of your company and the size of the
(05:02):
network infrastructure that
you have, $25,000, $50,000 can easily become $100,000, $250,000, right?
And that's really just the bare minimum. And that's just the forensic piece
of it. Just to find out what the hell's going on.
Just to figure out what's going on. Yeah. Now, then we start talking about access to data, right?
Now you find out that we've got 50,000 people whose social security number has been compromised.
(05:24):
Each of these individuals require notice. You have to provide each of them two
years of complimentary credit monitoring.
So now you're paying for the notice piece of this, right?
Now, you've already paid $100,000 for your forensics.
You're about to spend another $100,000 on your notification. diversification
plus you have the legal costs on top of
all of it plus everything else that's that's
(05:46):
going to be factored in are we bringing in additional it resources to
help you recover from this incident right what about other
incremental expenses if you need new hard drives if you need new servers right
things of that nature right without the cyber insurance you're potentially out
of pocket hundreds of thousands of dollars but everything that i just said to
(06:07):
you are things that you would see typically covered under the terms of the policy.
So at the end of the day, what are your clients out? What are your policy holders
out? They're deductible.
Which is going to hopefully be a lot less than the half a million dollars they
may be incurring to respond to this type of event.
So here's a question when it comes to these policy forms and these different,
you know, you take like a Travelers or a Hartford and they have these different,
(06:29):
you know, cyber elements in built into like a BOP policy.
And then you've got a standalone policy, which, you know, could be through carrier A, B or C.
You know, are there some benefits going one way versus going the other,
you know, for let's say a small business that's got a $500 to $800 business
owner policy and they've got a $50,000 CyberFlex part in there.
(06:51):
I mean, are those coverages as robust as you would like to see as an attorney?
No, I could tell you the BOP, the coverage that you're going to get on the BOP
is going to be far more limited than what you're going to see on your standard
standalone cyber policy, right?
And that's not even going to be from the limits, but it's going to be what services.
May ultimately be covered, right?
(07:12):
And things such as a ransomware payment, for instance, may not even be covered
under that BOP, or it may be really reduced on a sublimit.
And if you've got a $500,000 ransom demand, but your BOP is only affording $100,000
worth of coverage, well, your entire BOP policy is now going to be eroded just
(07:32):
based on the ransom payment.
And that's before you've even got to legal forensic notification and all of that.
So it's very important to be taking a look at that BOP.
Understanding what coverages are you being afforded, right, and then looking
and making the comparisons to that standalone cyber policy, and then determining
(07:52):
what is the best for the client for the policyholder.
So talking about some of these policy exclusions, you know, what are some of
the consistent things that you see are problematic for insureds that they don't
have that they think they have that they need to have?
So for starters, I started off this conversation with business email compromise, right?
Crime insurance, right? I think there needs to be an understanding,
(08:15):
especially in the broker world, what is the difference between cyber and what
is the difference with crime, right?
Right. And is the cyber providing for a crime component or do you need a standalone
crime policy to buttress the cyber?
So what do I mean by that? The business email compromise.
(08:38):
Right. Your client suffers the compromise.
Bad guy gets into the email environment because of because of the breach.
Each $100,000 fraudulent wire transfer is made out of your client's account, right?
Now, the cyber is designed to respond to the investigation, to go into your
(08:58):
email environment, figure out exactly what occurred, make sure that the bad guy is out, right?
And determine what's the risk of harm to any data. That is what the cyber is designed to do.
But now remember, your client has now paid $100,000 thinking that they were
paying it to their third party vendor.
But now it's gone to the bad guy now they're out the hundred thousand dollars right the cyber.
(09:21):
Doesn't cover that loss right that's the
crime right and you're going to see that in two ways it's
either going to be an endorsement onto the cyber right it's typically called
like a social engineering type endorsement or with the standalone crime and
i think you know i sort of back in in my day when i was in the back in the claims
world i see it probably two to three days a week you know On the legal side now,
(09:45):
are the insured not understanding and the broker is not understanding,
do I really have coverage in place for the $100,000?
Because I can tell you, when that happens, the insured is not so much caught
up about the bad guy being in their environment.
They're concerned, but their immediate thought, I think human nature is,
well, I'm out $100,000 right now.
How am I going to get that back? right so so unfortunately
(10:08):
i think we see it one too many times where it's just
missing that coverage or it wasn't offered
to be insured or it wasn't the limits weren't
high enough to ultimately cover the loss right so brokers need to be mindful
and really need to understand the interplay between what's offered on the cyber
and what's offered on the crime and that in today's world you need both to be
(10:32):
in play with each other because the business email compromise,
we see 30 to 40 a week, right?
Yeah. That's the standard go.
What do you think about the intellectual property component?
Because some of it, it's in there.
Most of it, it's not. And a lot of agents aren't even really probably thinking
about that when they're selling this product.
(10:53):
Yeah, again, same concept, right? With intellectual property,
right, you're looking at other different types of forms that are not going to
be traditionally covered under the cyber, right?
So when you're thinking intellectual property and the protection of all of that,
right, sometimes a lot of that's going on the media policies, things of that nature.
(11:13):
Is the media tied into the cyber? Is it a standalone? What's protecting some
of those IP rights? Again, same concept with the crime, understanding what all
these forms are offering and the interplay between them.
It's a whole other level of insurance. And the goalpost is shifting and changing
constantly, which I think is the other part because this was probably a very
(11:34):
different landscape five, ten years ago than it is today because things are
constantly changing, right?
Right. So, listen, when I started in the industry, ransomware was a nuisance.
Let's put it that way. The demands were low.
There were a very small number of bad guys who were doing this, right?
And it was a lot easier for us just to go and pay this $20,000 or $30,000 ransom
(11:58):
and get our policyholders, our insurance back up.
And then we saw the evolution, right? And that's when in 2019,
we saw the proliferation of ransom.
And it really started targeting the healthcare companies, the manufacturers, right?
Of shutting them down, right? If you're a manufacturer and you're making those
(12:20):
widgets, the purpose of the ransomware attacks back then were to completely
shut you down, manufacturer, by the knees, cripple you, so you have no choice but to pay this ransom.
Backups weren't being discussed like they are today.
And when I say backups, meaning if your systems are down and they're encrypted
by the bad guy, having a set of backups in order to restore from to get your
(12:43):
business back up and running. Right. Back in 2019.
Right. Companies weren't backing up like they should have been.
Companies weren't making the investment. Backing up is a very expensive proposition.
Right. They weren't making the investment.
So bad guys were making money. Right. By 2021.
Right. As ransomware started becoming more forefront in the cyber world. Right.
(13:05):
Companies were now starting to make that investment into the backups.
Right. So now what did the bad guys do? They changed their tactics a little bit.
So now instead of just shutting you down and recognizing that,
there's probably a 50-50 chance I'm not going to get paid because they're going to have backups.
What we're now going to do before we shut you down is steal all of your data.
(13:26):
And we're just going to grab what we can, as much as we can,
as quick, as fast as we can.
The bad guy doesn't even know what they're pulling, but they're looking for the file server.
They're going to find the file server, and they're just going to pull as much
as they can. And now the bad guys are saying, okay, great.
You might have backups and you're not going to pay me, but then guess what I'm
going to do? I'm going to take all of your data.
(13:46):
I have a blog site on the dark web called the Hall of Shame.
And if you don't pay me, I'm going to post all of your data onto the dark web. All right.
So now you're back into the Pandora's box situation, right?
So maybe I don't have to pay because I can restore, right?
But now they've got hundreds of gigabytes, a terabyte worth of data.
(14:08):
We know that they are going to post this, right? So what am I going to do?
Am I now then paying the bad guy to prevent this information from being leaked?
So that's how they continuously have changed their tactics.
And then from there, as they're starting to see more and more companies to say,
hey, listen, you know what?
I'm not going to pay you because I'm going to have to go report this anyway,
(14:30):
or my clients already know this happened. Right.
Then it starts turning into harassment. Right. Then it's starting to turn into
phone calls. It's turning into emails. You're putting pressure on the board of directors.
You're you're actually going to they were calling our employees parents off
their emergency. That's what I was just about to say. You're calling,
they're calling Mary Sue in accounting.
They're calling Mary Sue's mom and telling Mary Sue's mom that if her boss doesn't
(14:54):
pay the ransom, they're going to post Mary Sue's social security number onto the dark web, right?
So again, this is just the next tactic that we're seeing in order to scare you into paying.
And a lot goes into that. A lot goes into that determination, right?
In terms of paying and not to pay. And it's very entity specific.
(15:16):
But listen, I'm for one, and I think I advocated this with you as well,
is paying a ransom is the last ditch effort.
Yep. It's where you've exhausted everything. You don't have the backups that
are going to be to restore.
And the only way I'm getting my business back up and running is by getting the key from the bad guy.
With data, all of our information is out.
(15:38):
It's true. And if you don't want to believe that, then I promise you that it
is out there. And I promise you, Samantha, that I can go onto the dark web right
now, and the bad guys have a folder of all of your information.
So there's a bad guy out there whose job in the bad guy world is just to aggregate data about you.
(16:00):
Meaning that if they go and they find your bank account somewhere out in the
world, then from there, they can also now go into their bad guy folder.
There and they have your social security number and they
have your last home address and they have your telephone number and
that's how they can start committing whatever fraud they want to commit against
you which is such a warm and fuzzy feeling that we're all so exposed you know
(16:24):
in so many different ways you know when it comes to industry there is no discrimination
i feel like every single industry is it's basically just who who's in the wrong
place at the wrong time right Right? Yeah.
No one's going to... Listen, we see, obviously, healthcare, right?
They do have a focus on places where they know that there's a lot of data.
(16:45):
Right? So they're obviously focused with the healthcare industry and everyone's
health records. Right? They love law firms.
Right? Right? Because we contain the client confidential, sensitive data. Right?
They love accountants, financial services organizations,
(17:06):
places where they can exert a little bit more pressure on you when they say,
I've just taken all of your data, all of your patient's medical records,
all of your client-sensitive legal documents to try to put more pressure into those entities today.
But are they necessarily targeting? No.
But if they find the vulnerability for a law firm, I can all but promise you
(17:28):
that they're going to go full tilt ahead. head.
Everybody's a mark. Everybody's a mark. So here's something interesting.
You have a lot of businesses, even when you're talking to clients,
I don't care what type of industry, they'll be like, oh, well,
we don't store the information.
We use a third-party provider or somebody else is running the card.
Somebody else is responsible.
So if the breach happens in your environment, technically, then it is your responsibility.
(17:54):
Am I correct? Correct? Correct.
But data runs to the data owner, right?
So if you are working with a third party organization, and they're,
you know, let's think of their medical billing, right?
So you're the hospital, I'm the patient, you're the hospital,
I go to you for treatment, right?
That hospital is the data owner of your health records, right?
(18:17):
But then I give your health records over to the third party billing provider, right?
They get that information, the third party billing provider now suffers the incident, right?
Now, I can't, as the hospital, I obviously can't go into the medical provider's
system to help them, right? They're fighting that battle on themselves.
But at the end of the day, once patient information has been compromised,
(18:39):
it's the hospital who's responsible for notifying the patient, right?
And then in those types of cases, then, right, you're dealing with the third
party provider to say, well, are you going to be providing the notification on my behalf?
Are you going to notify the regulators on my behalf?
And sometimes they do, and sometimes they don't, right?
(18:59):
And while all that, you're just trying to get as much information as you can.
And oftentimes, you're frustrated with the lack of information that you get.
Because again, as you know, these things take time.
And no organization has all the answers in 96 hours. And most organizations
don't have the answers in two weeks.
And a lot of organizations aren't going to have the answers that you want in
a month. And that's just the reality of the situation.
(19:22):
So everybody in our world, everybody wants everything done today.
In the cyber world, patience. Patience, right? Patience grasshopper,
right? Like I said to you.
Oh, patience grasshopper. But when it's happening, you know,
the world is exploding around you and it's, everything's moving super fast.
And then as a business owner, you're so emotional because you feel violated.
(19:42):
You know, you're concerned about your client information. You're concerned,
in our case, it was about our employee information.
And it was just, I mean, it was just so much coming at you.
And I think the emotional part of it is the hardest part because it's scary
and you don't know like what you don't know.
I mean, I had some dude in Romania calling my personal cell phone telling me this wasn't a joke.
And he was going into, you know, my nonprofit world, like getting into my stuff,
(20:06):
which was like my stuff, not my insurance stuff. And it was freaky, you know?
And it helped me become a better seller of the product from having a personal experience.
But I hope that a lot of the agents are listening. And this is a product that
everybody is a client, essentially, every person, every business.
Some of the carriers that are out there, do you have one that you like more than others?
(20:28):
Like policy form that you would recommend being a hardy product right now?
Yeah, listen, if you're working with a lot of the major players,
right? I think all of their forms are designed to maximize the coverage that
they provide to policyholders.
So if you want to talk about the bigger players, you have the Chubbs,
the Travelers, the Axes.
(20:49):
And those are just three names of a few major players. And their forms are all
designed fairly similarly to maximize coverage.
Ransomware, it's designed to cover you for the ransomware incident.
Business email compromise is designed to cover you for the business email.
Right but again right when we're working
with insurers of all shapes and sizes right the bigger
(21:09):
plot the bigger boys come with bigger premiums right
and i think that's where we're now seeing the evolution of the mgas right and
you're seeing you know just to name a few you're seeing the coalitions you're
seeing the cowbells you're seeing the resiliences right you're seeing you know
every month there's a new mga you know that that's popping up and developing right Right.
(21:31):
And there you may find better price points.
And again, their coverage is designed to everything we've discussed so far is
designed to cover all the types of losses that we've discussed.
Right. So I think the biggest evolution in cyber from a market perspective are the options in 2014.
And Samantha, you would know that better than me. You know, other than the Chubbs
(21:54):
and the Travelers and the Axis that I named before. before, right,
there were only 10 or probably 15 players that you were really going to within
the market to try to secure this coverage.
Now, there are a lot more options, a lot more affordable pricing.
And, you know, so I think some really broad coverage out there to be found across
all these different types of policies.
Yeah, there's definitely some some very cool products. One of the big,
(22:17):
you know, moments that I always look at is that deductible, whether it's a reimbursable
or like, quote unquote, the standard type of deductible, because that can be
one of those things that if it's a reimbursable,
more of that is going to come out of pocket before you're going to see it back.
How many times are you seeing like which one do you see more often?
I think we're starting to see a genesis more of where it's not reimbursement-based,
(22:41):
where the carrier will, as soon as you, say your deductible is $25,000,
as soon as you've met that deductible and now the ransom payment is $100,000 or $500,000,
we're seeing more and more where the carrier will work with the vendors and
make that $500,000 payment coming off the terms of your policy directly to the
(23:02):
vendors to effectuate the ransom.
Right it makes more sense because i don't know about you but most people
don't have 500 000 just kicking it in bitcoin on the
corner you know exactly so so and samantha so that's a
great point i think when you're when you're looking at those coverages it's very important
for the broker to understand that right to to say this is a reimbursement-based
policy or this and the carrier will step in your shoes once you satisfy and
(23:25):
make the payment yeah that was one of those that was the thing i you know when
i look at a policy when i'm you know writing it that's one one of the standout
ones I always kind of pay attention to.
So prior to this seat you're in right now, you spent a lot of time in claims
and you, I'm sure, have seen some pretty fantastic situations.
I want to know what's the craziest thing you've ever had come across your desk?
(23:49):
I mean, without being, because you know, you've got your privilege.
You can't talk about too much, but like just- Right.
Big kind of broad strokes. What's like the wildest thing? You know,
it's funny. I'm going to go way back and this is actually outside of cyber.
And it's a really funny story, but I was down in South Texas, right?
And I'm a New York boy down in South Texas, right?
(24:11):
And everyone kind of knew each other. Everyone was locals.
And the mediation was in the plaintiff's attorney's house. The breakout room was in their kitchen.
And I can tell you that things really escalated pretty quickly as we couldn't resolve this. Right.
(24:31):
And, you know, I phoned home to corporate offices and said, things are really
escalating here and I need X to de-escalate everything.
And we were, you know, I was able to get that money to de-escalate,
you know, a fight breaking out in the kitchen of the plaintiff's counsel's attorney's
home down in South Texas. So just insane.
(24:54):
I wonder if it's it was more challenging dealing with that heated situation
or dealing with these threat actors or these bad guys out there in the worldwide crazy web.
I mean, which one would you say would be harder? Like looking back in retrospect,
you know, the bad guys, the bad guys are actually, for the most part, fairly predictable.
(25:14):
And I think that's kind of what we're... Another change that we're seeing now
is more and more bad guys are starting to go a little bit more rogue.
So when I say bad guys, there are probably about 20 to 30 bad guy groups that
operate as professional organizations, for lack of a better term.
Right and you know what their mo's are going to
(25:35):
be and you know what to expect and i know that if your ransom demands a million
dollars i know that these bad guys will work with me over a period of time and
i can negotiate with them and i'll get that down to 50 and we'll pay 500 000
and i know you know and they're going to yell at us a little bit and threaten
and threaten to post our data a little bit but i know they're not going to do
that and i know i can get the deal done,
i think the problem now is we see a lot more guys going rogue all right.
(25:59):
That they're not part of these major groups anymore.
They're kind of going out on their own or going out with smaller splinter cell
groups. And they're not following the quote-unquote rules of engagement.
And I think that's becoming scary. It's more of, I can't necessarily tell you,
Samantha, hey, we don't really know who these guys are.
(26:19):
And that's what then makes me uncomfortable. Because I can't say to you,
wow, we've done 40 of these things.
And this is how this is going to play out over the course of the next two weeks. right?
This is, you know, there's a potential, I'm going to tell you,
it demands a million dollars, and they're going to say we want a million dollars,
and we're going to just go close to a little bit of a standard,
and they may, and I can't tell you what's going to happen.
So that's what scares me, right? It's this next evolution now of,
(26:43):
there's more of a spotlight, right? We're seeing more law enforcement takedowns.
Because of that, these guys are now starting to operate in more splinter cells,
not part of certain groups.
And that unknown territory is what actually is what scares me today.
And I know you do a little bit of work internationally. Some of the statistics
that when I was pulling for this conversation, you know, America,
(27:05):
the United States is still the number one target of most cyber attacks.
Is it just because we're not being smart about things? Or is it because we're an easy mark?
What is the major, you know, why is that continuing to happen here?
And we know what we know. Yeah, listen, I think that these attacks,
(27:26):
most of these attacks are not originating out of the United States, right?
They're originating in other parts of the world who may not view America in
the best of light, right?
So I think, you know, part of it is part of the geopolitical world that we are just in, right? Right.
(27:47):
But, you know, more and more, I think we are seeing other countries now being
impacted by this. Right.
And what becomes scary with that is, you know, they don't necessarily have the
same experience in dealing with these types of incidences. Right.
If, you know, yeah, up here in the US, you know, obviously most of Europe. Right.
(28:10):
You know, there are people that specialize in this. Right. in other
parts of the world not so much right and
you know there were government there was a government in south america that
was recently impacted impacted by this and they were crippled they were they
were absolutely crippled right so that's what's that's you know another scary
part of this is if you don't have the right team in place right and you're not
(28:32):
dealing with the experts who deal with this day in and day out right something
that could take weeks could potentially take months, right?
And could be very, very costly at the end of this. So.
And so, yeah, there's an international flavor to all of this.
The U.S. is not the only one that's impacted.
And again, I don't think the bad guys necessarily care. I think,
(28:54):
yeah, obviously, there's a focus on America.
But again, if you're vulnerable and they're able to exploit it,
I don't think it matters if you're here, if you're in the U.K., if you're in Australia.
They just want to get their profit. Well, it also doesn't even matter if you're a big, big company.
I mean, look at MGM that got wiped in Vegas, you know, a couple,
what was it, 18 months ago or so.
(29:15):
And they were, I mean, for 24 hours, people couldn't get into their hotel rooms.
They couldn't, I mean, all the machines were down.
And I mean, that's an organization that you would think has got it pretty buttoned up over there.
And that all stemmed from somebody pretending to, you know, calling from the
help desk and asking for credentials and them able to get them.
I know. Something that simple.
(29:37):
Yeah. So don't click on links.
Don't click on my personal information.
Don't do any of these things that we know we're not supposed to do.
The other one is the text messages, because that's the thing that I see more and more lately.
You know, I got one the other day that was talking about a package that was,
you know, unable to be delivered from the US Post Service.
But if I clicked here and gave them my credit card, I could get it right now.
(29:59):
And I was like, you know what, thank you. I'm good. I'm good.
You know, and it's educating a lot of people that are more vulnerable to probably,
you know, clicking on the those links as we, you know, kind of progress.
John, you are one of the most smartest guys in cyber. I can't say thank you
enough. You have enlightened us on many different things.
We will post your website and all of your links. So if any of our listeners
(30:20):
want to get in touch and hear a little bit more, they can.
We hope that everybody goes out this week and is up to speed.
All right. We've got a great show today. We are joined by one of the industry's
most desirable men when it comes to the knowledge about cyber.
My buddy, John Loyal, thanks for joining us today. How are you?
Samantha, how are you? Thanks for having me. I appreciate it. I'm revved up.
So you're a partner with Cipriani and Werner, and you and I got to know each
other pretty much under the worst circumstances because I was the call in the
(00:24):
middle of the night with, hey, my world's on fire. My business has been attacked.
You had mentioned when we met, we were going to have the fastest relationship.
We were going to get married before we even dated, right? We were going to have
the speed round for the next seven days.
And it was chaos. It was crazy. But you really helped kind of hold our hand through the process.
So first of all, Well, I never actually got a formal chance to say thank you. So thanks.
(00:47):
But now I'm excited to really open up and talk about your seat on the lawyer
side of this equation when it comes to a cyber claim. So what is going on out there?
A whole lot. That's for sure.
Listen, ransomware is real, right? It is just not what you see on the front
page and you say, well, that can't possibly happen to me, right?
(01:11):
It's happening to anyone who has a vulnerability, which is mostly everybody
that is working in the cyberspace that has an internet connection, basically, right?
The bad guys, they want to do bad things. And for them, it's just the business,
right? It's not personal.
It's not targeted. In most cases, it is we've discovered a vulnerability within your system. them.
(01:36):
And we're going to leverage that to the fullest extent to make your life as
painful as possible, and for us to make money off of this equation.
And that's it. And we're dealing with a lot of bad guys out there.
And their tactics are changing.
They're developing every single day. And the minute we get in front of it,
they discover a new vulnerability, and everybody is back to square one.
(01:59):
So right now, we are seeing my firm alone, loan, we're seeing about 15 to 20
ransomware attacks a week. Wow.
So we're going to see well over, you know, probably close to about 300,
400. And that's just my, that's just my law firm alone, right?
Well, we're also seeing a lot of this business email compromise,
which actually in a lot of ways is a lot more scary because it's not sexy, right?
(02:23):
It's not making the front page news, right?
What the business email compromise is designed to do is get into your email
environment, find an invoice.
You're going to owe company X $300,000 as part of your normal services.
The bad guy finds that invoice, they change the instructions,
and now that $300,000 is gone in the wind.
(02:45):
And by the time you even discover what happened, the bad guy's got the money
out of his bank account, the bad
guy's taken that money out of the bank account, and that money is gone.
And there's no law enforcement or there's no banker that's going to be able to recover these funds.
And again, it's just business. These bad guys aren't personal.
They were able to get your email credentials and you were just the next on the
(03:10):
list and they were able to conduct their fraudulent attack.
And they're sending it out to everybody. And when we had our moment,
it was an Amazon email that looked super legit.
You've seen DocuSign, you've seen your banks, you've seen so many different
ones that are out there and it's just being at the wrong moment at the wrong
time and clicking the wrong link.
So that's problem one. one in three Americans, one in three businesses is going
(03:34):
to have a, you know, cyber breach moment throughout their lifetime,
which is a big, big number.
And, you know, the cyber insurance product is there obviously to help protect,
you know, you as an individual and also you as a business.
You know, some of the bonuses of a cyber policy, you know, when you're looking
at an insurance professional like our audience, you know, and they're trying
(03:56):
to find ways to help businesses. I mean, how important is a cyber insurance policy from your seat?
You need it. Yeah. You need it. These are expensive.
Every part of this process is expensive. So let's even take out the legal part of this, right?
The first step of any cyber incident, for lack of a better term,
(04:16):
is you have to investigate to figure out exactly what is going on, right?
To figure out your five W's and your one H, right?
So now your first step in the process is bringing in a computer forensic expert
that's got a lot more knowledge than most of your internal IT folks that are
really doing these types of investigations for a look. They are not cheap.
(04:40):
But their services...
Are what's typically covered under the terms of the cyber policy, right?
So if they're coming in, I can tell you, most of these firms are not doing these
types of investigations for what we less than about $25,000, $50,000 or so, right?
So it's very, and depending on your size of your company and the size of the
(05:02):
network infrastructure that
you have, $25,000, $50,000 can easily become $100,000, $250,000, right?
And that's really just the bare minimum. And that's just the forensic piece
of it. Just to find out what the hell's going on.
Just to figure out what's going on. Yeah. Now, then we start talking about access to data, right?
Now you find out that we've got 50,000 people whose social security number has been compromised.
(05:24):
Each of these individuals require notice. You have to provide each of them two
years of complimentary credit monitoring.
So now you're paying for the notice piece of this, right?
Now, you've already paid $100,000 for your forensics.
You're about to spend another $100,000 on your notification. diversification
plus you have the legal costs on top of
all of it plus everything else that's that's
(05:46):
going to be factored in are we bringing in additional it resources to
help you recover from this incident right what about other
incremental expenses if you need new hard drives if you need new servers right
things of that nature right without the cyber insurance you're potentially out
of pocket hundreds of thousands of dollars but everything that i just said to
(06:07):
you are things that you would see typically covered under the terms of the policy.
So at the end of the day, what are your clients out? What are your policy holders
out? They're deductible.
Which is going to hopefully be a lot less than the half a million dollars they
may be incurring to respond to this type of event.
So here's a question when it comes to these policy forms and these different,
you know, you take like a Travelers or a Hartford and they have these different,
(06:29):
you know, cyber elements in built into like a BOP policy.
And then you've got a standalone policy, which, you know, could be through carrier A, B or C.
You know, are there some benefits going one way versus going the other,
you know, for let's say a small business that's got a $500 to $800 business
owner policy and they've got a $50,000 CyberFlex part in there.
(06:51):
I mean, are those coverages as robust as you would like to see as an attorney?
No, I could tell you the BOP, the coverage that you're going to get on the BOP
is going to be far more limited than what you're going to see on your standard
standalone cyber policy, right?
And that's not even going to be from the limits, but it's going to be what services.
May ultimately be covered, right?
(07:12):
And things such as a ransomware payment, for instance, may not even be covered
under that BOP, or it may be really reduced on a sublimit.
And if you've got a $500,000 ransom demand, but your BOP is only affording $100,000
worth of coverage, well, your entire BOP policy is now going to be eroded just
(07:32):
based on the ransom payment.
And that's before you've even got to legal forensic notification and all of that.
So it's very important to be taking a look at that BOP.
Understanding what coverages are you being afforded, right, and then looking
and making the comparisons to that standalone cyber policy, and then determining
(07:52):
what is the best for the client for the policyholder.
So talking about some of these policy exclusions, you know, what are some of
the consistent things that you see are problematic for insureds that they don't
have that they think they have that they need to have?
So for starters, I started off this conversation with business email compromise, right?
Crime insurance, right? I think there needs to be an understanding,
(08:15):
especially in the broker world, what is the difference between cyber and what
is the difference with crime, right?
Right. And is the cyber providing for a crime component or do you need a standalone
crime policy to buttress the cyber?
So what do I mean by that? The business email compromise.
(08:38):
Right. Your client suffers the compromise.
Bad guy gets into the email environment because of because of the breach.
Each $100,000 fraudulent wire transfer is made out of your client's account, right?
Now, the cyber is designed to respond to the investigation, to go into your
(08:58):
email environment, figure out exactly what occurred, make sure that the bad guy is out, right?
And determine what's the risk of harm to any data. That is what the cyber is designed to do.
But now remember, your client has now paid $100,000 thinking that they were
paying it to their third party vendor.
But now it's gone to the bad guy now they're out the hundred thousand dollars right the cyber.
(09:21):
Doesn't cover that loss right that's the
crime right and you're going to see that in two ways it's
either going to be an endorsement onto the cyber right it's typically called
like a social engineering type endorsement or with the standalone crime and
i think you know i sort of back in in my day when i was in the back in the claims
world i see it probably two to three days a week you know On the legal side now,
(09:45):
are the insured not understanding and the broker is not understanding,
do I really have coverage in place for the $100,000?
Because I can tell you, when that happens, the insured is not so much caught
up about the bad guy being in their environment.
They're concerned, but their immediate thought, I think human nature is,
well, I'm out $100,000 right now.
How am I going to get that back? right so so unfortunately
(10:08):
i think we see it one too many times where it's just
missing that coverage or it wasn't offered
to be insured or it wasn't the limits weren't
high enough to ultimately cover the loss right so brokers need to be mindful
and really need to understand the interplay between what's offered on the cyber
and what's offered on the crime and that in today's world you need both to be
(10:32):
in play with each other because the business email compromise,
we see 30 to 40 a week, right?
Yeah. That's the standard go.
What do you think about the intellectual property component?
Because some of it, it's in there.
Most of it, it's not. And a lot of agents aren't even really probably thinking
about that when they're selling this product.
(10:53):
Yeah, again, same concept, right? With intellectual property,
right, you're looking at other different types of forms that are not going to
be traditionally covered under the cyber, right?
So when you're thinking intellectual property and the protection of all of that,
right, sometimes a lot of that's going on the media policies, things of that nature.
(11:13):
Is the media tied into the cyber? Is it a standalone? What's protecting some
of those IP rights? Again, same concept with the crime, understanding what all
these forms are offering and the interplay between them.
It's a whole other level of insurance. And the goalpost is shifting and changing
constantly, which I think is the other part because this was probably a very
(11:34):
different landscape five, ten years ago than it is today because things are
constantly changing, right?
Right. So, listen, when I started in the industry, ransomware was a nuisance.
Let's put it that way. The demands were low.
There were a very small number of bad guys who were doing this, right?
And it was a lot easier for us just to go and pay this $20,000 or $30,000 ransom
(11:58):
and get our policyholders, our insurance back up.
And then we saw the evolution, right? And that's when in 2019,
we saw the proliferation of ransom.
And it really started targeting the healthcare companies, the manufacturers, right?
Of shutting them down, right? If you're a manufacturer and you're making those
(12:20):
widgets, the purpose of the ransomware attacks back then were to completely
shut you down, manufacturer, by the knees, cripple you, so you have no choice but to pay this ransom.
Backups weren't being discussed like they are today.
And when I say backups, meaning if your systems are down and they're encrypted
by the bad guy, having a set of backups in order to restore from to get your
(12:43):
business back up and running. Right. Back in 2019.
Right. Companies weren't backing up like they should have been.
Companies weren't making the investment. Backing up is a very expensive proposition.
Right. They weren't making the investment.
So bad guys were making money. Right. By 2021.
Right. As ransomware started becoming more forefront in the cyber world. Right.
(13:05):
Companies were now starting to make that investment into the backups.
Right. So now what did the bad guys do? They changed their tactics a little bit.
So now instead of just shutting you down and recognizing that,
there's probably a 50-50 chance I'm not going to get paid because they're going to have backups.
What we're now going to do before we shut you down is steal all of your data.
(13:26):
And we're just going to grab what we can, as much as we can,
as quick, as fast as we can.
The bad guy doesn't even know what they're pulling, but they're looking for the file server.
They're going to find the file server, and they're just going to pull as much
as they can. And now the bad guys are saying, okay, great.
You might have backups and you're not going to pay me, but then guess what I'm
going to do? I'm going to take all of your data.
(13:46):
I have a blog site on the dark web called the Hall of Shame.
And if you don't pay me, I'm going to post all of your data onto the dark web. All right.
So now you're back into the Pandora's box situation, right?
So maybe I don't have to pay because I can restore, right?
But now they've got hundreds of gigabytes, a terabyte worth of data.
(14:08):
We know that they are going to post this, right? So what am I going to do?
Am I now then paying the bad guy to prevent this information from being leaked?
So that's how they continuously have changed their tactics.
And then from there, as they're starting to see more and more companies to say,
hey, listen, you know what?
I'm not going to pay you because I'm going to have to go report this anyway,
(14:30):
or my clients already know this happened. Right.
Then it starts turning into harassment. Right. Then it's starting to turn into
phone calls. It's turning into emails. You're putting pressure on the board of directors.
You're you're actually going to they were calling our employees parents off
their emergency. That's what I was just about to say. You're calling,
they're calling Mary Sue in accounting.
They're calling Mary Sue's mom and telling Mary Sue's mom that if her boss doesn't
(14:54):
pay the ransom, they're going to post Mary Sue's social security number onto the dark web, right?
So again, this is just the next tactic that we're seeing in order to scare you into paying.
And a lot goes into that. A lot goes into that determination, right?
In terms of paying and not to pay. And it's very entity specific.
(15:16):
But listen, I'm for one, and I think I advocated this with you as well,
is paying a ransom is the last ditch effort.
Yep. It's where you've exhausted everything. You don't have the backups that
are going to be to restore.
And the only way I'm getting my business back up and running is by getting the key from the bad guy.
With data, all of our information is out.
(15:38):
It's true. And if you don't want to believe that, then I promise you that it
is out there. And I promise you, Samantha, that I can go onto the dark web right
now, and the bad guys have a folder of all of your information.
So there's a bad guy out there whose job in the bad guy world is just to aggregate data about you.
(16:00):
Meaning that if they go and they find your bank account somewhere out in the
world, then from there, they can also now go into their bad guy folder.
There and they have your social security number and they
have your last home address and they have your telephone number and
that's how they can start committing whatever fraud they want to commit against
you which is such a warm and fuzzy feeling that we're all so exposed you know
(16:24):
in so many different ways you know when it comes to industry there is no discrimination
i feel like every single industry is it's basically just who who's in the wrong
place at the wrong time right Right? Yeah.
No one's going to... Listen, we see, obviously, healthcare, right?
They do have a focus on places where they know that there's a lot of data.
(16:45):
Right? So they're obviously focused with the healthcare industry and everyone's
health records. Right? They love law firms.
Right? Right? Because we contain the client confidential, sensitive data. Right?
They love accountants, financial services organizations,
(17:06):
places where they can exert a little bit more pressure on you when they say,
I've just taken all of your data, all of your patient's medical records,
all of your client-sensitive legal documents to try to put more pressure into those entities today.
But are they necessarily targeting? No.
But if they find the vulnerability for a law firm, I can all but promise you
(17:28):
that they're going to go full tilt ahead. head.
Everybody's a mark. Everybody's a mark. So here's something interesting.
You have a lot of businesses, even when you're talking to clients,
I don't care what type of industry, they'll be like, oh, well,
we don't store the information.
We use a third-party provider or somebody else is running the card.
Somebody else is responsible.
So if the breach happens in your environment, technically, then it is your responsibility.
(17:54):
Am I correct? Correct? Correct.
But data runs to the data owner, right?
So if you are working with a third party organization, and they're,
you know, let's think of their medical billing, right?
So you're the hospital, I'm the patient, you're the hospital,
I go to you for treatment, right?
That hospital is the data owner of your health records, right?
(18:17):
But then I give your health records over to the third party billing provider, right?
They get that information, the third party billing provider now suffers the incident, right?
Now, I can't, as the hospital, I obviously can't go into the medical provider's
system to help them, right? They're fighting that battle on themselves.
But at the end of the day, once patient information has been compromised,
(18:39):
it's the hospital who's responsible for notifying the patient, right?
And then in those types of cases, then, right, you're dealing with the third
party provider to say, well, are you going to be providing the notification on my behalf?
Are you going to notify the regulators on my behalf?
And sometimes they do, and sometimes they don't, right?
(18:59):
And while all that, you're just trying to get as much information as you can.
And oftentimes, you're frustrated with the lack of information that you get.
Because again, as you know, these things take time.
And no organization has all the answers in 96 hours. And most organizations
don't have the answers in two weeks.
And a lot of organizations aren't going to have the answers that you want in
a month. And that's just the reality of the situation.
(19:22):
So everybody in our world, everybody wants everything done today.
In the cyber world, patience. Patience, right? Patience grasshopper,
right? Like I said to you.
Oh, patience grasshopper. But when it's happening, you know,
the world is exploding around you and it's, everything's moving super fast.
And then as a business owner, you're so emotional because you feel violated.
(19:42):
You know, you're concerned about your client information. You're concerned,
in our case, it was about our employee information.
And it was just, I mean, it was just so much coming at you.
And I think the emotional part of it is the hardest part because it's scary
and you don't know like what you don't know.
I mean, I had some dude in Romania calling my personal cell phone telling me this wasn't a joke.
And he was going into, you know, my nonprofit world, like getting into my stuff,
(20:06):
which was like my stuff, not my insurance stuff. And it was freaky, you know?
And it helped me become a better seller of the product from having a personal experience.
But I hope that a lot of the agents are listening. And this is a product that
everybody is a client, essentially, every person, every business.
Some of the carriers that are out there, do you have one that you like more than others?
(20:28):
Like policy form that you would recommend being a hardy product right now?
Yeah, listen, if you're working with a lot of the major players,
right? I think all of their forms are designed to maximize the coverage that
they provide to policyholders.
So if you want to talk about the bigger players, you have the Chubbs,
the Travelers, the Axes.
(20:49):
And those are just three names of a few major players. And their forms are all
designed fairly similarly to maximize coverage.
Ransomware, it's designed to cover you for the ransomware incident.
Business email compromise is designed to cover you for the business email.
Right but again right when we're working
with insurers of all shapes and sizes right the bigger
(21:09):
plot the bigger boys come with bigger premiums right
and i think that's where we're now seeing the evolution of the mgas right and
you're seeing you know just to name a few you're seeing the coalitions you're
seeing the cowbells you're seeing the resiliences right you're seeing you know
every month there's a new mga you know that that's popping up and developing right Right.
(21:31):
And there you may find better price points.
And again, their coverage is designed to everything we've discussed so far is
designed to cover all the types of losses that we've discussed.
Right. So I think the biggest evolution in cyber from a market perspective are the options in 2014.
And Samantha, you would know that better than me. You know, other than the Chubbs
(21:54):
and the Travelers and the Axis that I named before. before, right,
there were only 10 or probably 15 players that you were really going to within
the market to try to secure this coverage.
Now, there are a lot more options, a lot more affordable pricing.
And, you know, so I think some really broad coverage out there to be found across
all these different types of policies.
Yeah, there's definitely some some very cool products. One of the big,
(22:17):
you know, moments that I always look at is that deductible, whether it's a reimbursable
or like, quote unquote, the standard type of deductible, because that can be
one of those things that if it's a reimbursable,
more of that is going to come out of pocket before you're going to see it back.
How many times are you seeing like which one do you see more often?
I think we're starting to see a genesis more of where it's not reimbursement-based,
(22:41):
where the carrier will, as soon as you, say your deductible is $25,000,
as soon as you've met that deductible and now the ransom payment is $100,000 or $500,000,
we're seeing more and more where the carrier will work with the vendors and
make that $500,000 payment coming off the terms of your policy directly to the
(23:02):
vendors to effectuate the ransom.
Right it makes more sense because i don't know about you but most people
don't have 500 000 just kicking it in bitcoin on the
corner you know exactly so so and samantha so that's a
great point i think when you're when you're looking at those coverages it's very important
for the broker to understand that right to to say this is a reimbursement-based
policy or this and the carrier will step in your shoes once you satisfy and
(23:25):
make the payment yeah that was one of those that was the thing i you know when
i look at a policy when i'm you know writing it that's one one of the standout
ones I always kind of pay attention to.
So prior to this seat you're in right now, you spent a lot of time in claims
and you, I'm sure, have seen some pretty fantastic situations.
I want to know what's the craziest thing you've ever had come across your desk?
(23:49):
I mean, without being, because you know, you've got your privilege.
You can't talk about too much, but like just- Right.
Big kind of broad strokes. What's like the wildest thing? You know,
it's funny. I'm going to go way back and this is actually outside of cyber.
And it's a really funny story, but I was down in South Texas, right?
And I'm a New York boy down in South Texas, right?
(24:11):
And everyone kind of knew each other. Everyone was locals.
And the mediation was in the plaintiff's attorney's house. The breakout room was in their kitchen.
And I can tell you that things really escalated pretty quickly as we couldn't resolve this. Right.
(24:31):
And, you know, I phoned home to corporate offices and said, things are really
escalating here and I need X to de-escalate everything.
And we were, you know, I was able to get that money to de-escalate,
you know, a fight breaking out in the kitchen of the plaintiff's counsel's attorney's
home down in South Texas. So just insane.
(24:54):
I wonder if it's it was more challenging dealing with that heated situation
or dealing with these threat actors or these bad guys out there in the worldwide crazy web.
I mean, which one would you say would be harder? Like looking back in retrospect,
you know, the bad guys, the bad guys are actually, for the most part, fairly predictable.
(25:14):
And I think that's kind of what we're... Another change that we're seeing now
is more and more bad guys are starting to go a little bit more rogue.
So when I say bad guys, there are probably about 20 to 30 bad guy groups that
operate as professional organizations, for lack of a better term.
Right and you know what their mo's are going to
(25:35):
be and you know what to expect and i know that if your ransom demands a million
dollars i know that these bad guys will work with me over a period of time and
i can negotiate with them and i'll get that down to 50 and we'll pay 500 000
and i know you know and they're going to yell at us a little bit and threaten
and threaten to post our data a little bit but i know they're not going to do
that and i know i can get the deal done,
i think the problem now is we see a lot more guys going rogue all right.
(25:59):
That they're not part of these major groups anymore.
They're kind of going out on their own or going out with smaller splinter cell
groups. And they're not following the quote-unquote rules of engagement.
And I think that's becoming scary. It's more of, I can't necessarily tell you,
Samantha, hey, we don't really know who these guys are.
(26:19):
And that's what then makes me uncomfortable. Because I can't say to you,
wow, we've done 40 of these things.
And this is how this is going to play out over the course of the next two weeks. right?
This is, you know, there's a potential, I'm going to tell you,
it demands a million dollars, and they're going to say we want a million dollars,
and we're going to just go close to a little bit of a standard,
and they may, and I can't tell you what's going to happen.
So that's what scares me, right? It's this next evolution now of,
(26:43):
there's more of a spotlight, right? We're seeing more law enforcement takedowns.
Because of that, these guys are now starting to operate in more splinter cells,
not part of certain groups.
And that unknown territory is what actually is what scares me today.
And I know you do a little bit of work internationally. Some of the statistics
that when I was pulling for this conversation, you know, America,
(27:05):
the United States is still the number one target of most cyber attacks.
Is it just because we're not being smart about things? Or is it because we're an easy mark?
What is the major, you know, why is that continuing to happen here?
And we know what we know. Yeah, listen, I think that these attacks,
(27:26):
most of these attacks are not originating out of the United States, right?
They're originating in other parts of the world who may not view America in
the best of light, right?
So I think, you know, part of it is part of the geopolitical world that we are just in, right? Right.
(27:47):
But, you know, more and more, I think we are seeing other countries now being
impacted by this. Right.
And what becomes scary with that is, you know, they don't necessarily have the
same experience in dealing with these types of incidences. Right.
If, you know, yeah, up here in the US, you know, obviously most of Europe. Right.
(28:10):
You know, there are people that specialize in this. Right. in other
parts of the world not so much right and
you know there were government there was a government in south america that
was recently impacted impacted by this and they were crippled they were they
were absolutely crippled right so that's what's that's you know another scary
part of this is if you don't have the right team in place right and you're not
(28:32):
dealing with the experts who deal with this day in and day out right something
that could take weeks could potentially take months, right?
And could be very, very costly at the end of this. So.
And so, yeah, there's an international flavor to all of this.
The U.S. is not the only one that's impacted.
And again, I don't think the bad guys necessarily care. I think,
(28:54):
yeah, obviously, there's a focus on America.
But again, if you're vulnerable and they're able to exploit it,
I don't think it matters if you're here, if you're in the U.K., if you're in Australia.
They just want to get their profit. Well, it also doesn't even matter if you're a big, big company.
I mean, look at MGM that got wiped in Vegas, you know, a couple,
what was it, 18 months ago or so.
(29:15):
And they were, I mean, for 24 hours, people couldn't get into their hotel rooms.
They couldn't, I mean, all the machines were down.
And I mean, that's an organization that you would think has got it pretty buttoned up over there.
And that all stemmed from somebody pretending to, you know, calling from the
help desk and asking for credentials and them able to get them.
I know. Something that simple.
(29:37):
Yeah. So don't click on links.
Don't click on my personal information.
Don't do any of these things that we know we're not supposed to do.
The other one is the text messages, because that's the thing that I see more and more lately.
You know, I got one the other day that was talking about a package that was,
you know, unable to be delivered from the US Post Service.
But if I clicked here and gave them my credit card, I could get it right now.
(29:59):
And I was like, you know what, thank you. I'm good. I'm good.
You know, and it's educating a lot of people that are more vulnerable to probably,
you know, clicking on the those links as we, you know, kind of progress.
John, you are one of the most smartest guys in cyber. I can't say thank you
enough. You have enlightened us on many different things.
We will post your website and all of your links. So if any of our listeners
(30:20):
want to get in touch and hear a little bit more, they can.
We hope that everybody goes out this week and is up to speed.
Popular Podcasts
Are You A Charlotte?
In 1997, actress Kristin Davis’ life was forever changed when she took on the role of Charlotte York in Sex and the City. As we watched Carrie, Samantha, Miranda and Charlotte navigate relationships in NYC, the show helped push once unacceptable conversation topics out of the shadows and altered the narrative around women and sex. We all saw ourselves in them as they searched for fulfillment in life, sex and friendships. Now, Kristin Davis wants to connect with you, the fans, and share untold stories and all the behind the scenes. Together, with Kristin and special guests, what will begin with Sex and the City will evolve into talks about themes that are still so relevant today. "Are you a Charlotte?" is much more than just rewatching this beloved show, it brings the past and the present together as we talk with heart, humor and of course some optimism.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.