Connect with us

Wealth Management

Mitigating DDoS risks in the global insurance sector



By Richard Hummel, threat intelligence lead at NETSCOUT


As cybercriminals continue to adapt their methodology, businesses in the insurance sector need to be especially vigilant of the current threat landscape. Indeed, according to NETSCOUT’s recently published DDoS Threat Intelligence Report, adversaries had launched an increase in attacks against insurance agencies and brokerages near the end of last year to cash in on distributed-denial-of-service (DDoS) extortion pay-outs.

Although the report confirmed our predictions that overall DDoS activity would decrease – by three per cent in this timeframe – recent activity suggests that cybercriminals used this time to ‘sharpen their knives’, developing their techniques and identifying new targets. We also identified a rise in industry-specific targeting and direct-path attacks which suggests that adversaries are trying to zone in on targeting specific organisations, like the insurance industry. While this might sound like there would be less overall damage, ‘focusing’ DDoS attacks is akin to using a homing missile instead of a sniper rifle – causing damage not only to the intended target but to everything around it.

With the rapid adoption of DDoS attacks by cybercriminals, insurance agencies should take the time to learn about these attacks, the damages they can impose, and how to successfully mitigate the associated risks.


DDoS attacks targeting financial and insurance organisations

One of the notable observations we made in our latest Threat Intelligence Report, was a considerable increase in DDoS extortion attacks. We identified three prolific DDoS extortion campaigns operating simultaneously. This is significant because, although one campaign within a year is not out of the norm, it is rare to have multiple campaigns deployed within such a small amount of time. This activity suggests that cybercriminals are especially motivated by making quick profits and bolstering their extortion efforts via deploying ransomware, stealing data, and launching targeted DDoS attacks.

Richard Hummel

When it comes to insurance agencies and brokers, the sector faced a large 257 per cent increase in DDoS attacks during the second half of 2021, many of which were DDoS extortion events and likely due to the assumed amount of capital held within these organisations.

Another trend that affects finance and insurance sectors is the continued targeting of the connectivity supply chain. Previously, we have seen adversaries targeting vital gateways to online life such as DNS servers, virtual private network (VPN) concentrators and services, and internet exchanges. Successful attacks against them can cause a cascade of collateral damage that impacts a huge range of entities, from banks and insurers to wired and wireless service providers—not to mention myriad individual users.

In the second half of 2021, we saw this trend extend to computer manufacturing. DDoS activity targeting computer technology manufacturers increased by 162 per cent, along with a 263 per cent increase in attacks towards electronic device and computer storage manufacturers near the end of 2021. This is concerning, as DDoS attacks can cause major disruptions onto manufacturing companies which provide the technology needed for small enterprises and large international corporations to stay in business – as well as those in the insurance sectors.

DDoS attacks targeting the connectivity supply chain can impose a range of knock-on effects onto several industries relying on similar networks, so insurance agencies need to be aware of the current DDoS methodologies that will likely affect their business. However, insurance agencies must not only be aware of the risks relating to losing their own network connectivity – which will subsequently disrupt their business operations – they also need to be aware of the trends that affect other businesses when it comes to drafting future policies for their customers.


How insurance agencies and brokers can mitigate these attacks

With each passing year, DDoS activity is expected to increase in both frequency and intensity. This is already proving to be the case. Along with the widescale adoption of these attack methods continuing, triple extortion campaigns incorporating DDoS are also expected to become progressively more detrimental in time. It is evident from these significant changes in attack methodology that cybercriminals are only improving their techniques and building the momentum needed to launch even more destructive and complex attacks in the future.

With this, the imposed damages by these attacks will only increase delays of daily operations and financial losses to those insurance firms choosing to pay attackers, with the false hope that their attackers will stay away. Instead, organisations must match these attacks with equally effective DDoS protection systems in order to successfully defend their online infrastructures and digital assets.

In doing so, insurance companies should consider enlisting an on-demand DDoS attack specialist to help navigate through the unfamiliar cyberthreat landscape. Expert advice and insight of this kind can greatly benefit individual teams, the entire company, and its key stakeholders in better understanding how to mitigate the risks of emerging DDoS attacks.

Additionally, investing in a strong and effective DDoS protection system is also necessary to successfully mitigate emerging DDoS threats. Only by implementing a comprehensive DDoS mitigation system can organisations within the insurance sector prevent DDoS attacks from imposing significant damages. However, it is imperative that these protection systems are regularly maintained and tested to identify recent changes in attack methodology. Periodic testing in this way ensures that not only are changes to an organisation’s online systems incorporated into a well-rounded protection plan, but also provides insight into new attack trends and how to proactively prepare for them.

Positioning cybersecurity measures for success in this way will provide organisations with more favourable chances of defending their online infrastructures from potential DDoS attacks and extortion campaigns. By carefully following current best practices and implementing effective mitigation tools with the help of an expert, insurance agencies and brokerages can successfully protect their digital assets from DDoS attacks and truly take charge of their cybersecurity to prolong their business continuity.


Top 10

What happens to your investments after your death?




By Jaco Prinsloo, certified financial planner at Alexforbes

Financial planning regarding the succession of investments is rarely carried out, at least in South Africa. As a result, potential heirs are often not sure what to do or where to start to claim and settle a loved ones investments. In many cases, the family is unaware of the existence of an investment portfolio. With succession planning, the transfer of assets (whether property, your bank accounts, cars or investments) is facilitated.

Today I want to focus on investment and the succession planning of investments, specifically discretionary investments, compulsory investments and policies. The type of investment will determine how the assets and proceeds get distributed, so we first need to look at the different investment types:

Discretionary investments

Discretionary investments are any investment you make with after tax money at your own discretion. Discretionary investments include:

  • Unit trusts
  • Money market accounts
  • Fixed deposits
  • South African retail bonds
  • Share portfolios
  • Tax free savings accounts

Jaco Prinsloo

These investments will form part of your estate and will be subject to estate duty and executor’s fees. However allthou a tax-free savings account forms part of your estate there are no executor’s fees payable. The proceeds from the investments will be distributed as per your Will to your nominated beneficiaries after your estate has been settled. Because these investments form part of your estate the investments will be “frozen” and no transaction or changes can be made to the investments until the proceeds are paid to the estate.

Investment and Life Policies

Life insurance is a type of insurance contract where you agree to pay premiums to keep your life cover active. If you pass away, the life insurance company will pay the life cover benefit directly to your nominated beneficiaries, which can be a person or your estate.

You also get investment policies like living annuities and endowment policies where the investment value pays to the nominated beneficiaries on your passing. One benefit of investment and life policies is that it does not form part of your estate, which means no estate duty and the proceeds get paid directly to your nominated beneficiaries giving them access to cash while they wait for the estate to be wind up. Making it an essential part of anyone’s overall financial plan.

Compulsory investments

Compulsory investments are investments which are compulsory with some employers. Working for some companies you might be required to be part of a provident or pension fund as part of your employment contract. Compulsory investments might also offer some tax benefits but investors have limited access to their money and these investments are governed by Regulation 28 stipulating where and how you can invest. Compulsory investments can be summarised as “retirement funds” and include:

  • Pension fund
  • Provident fund
  • Retirement annuity fund
  • Preservation funds

The proceeds from retirement funds are distributed as per Section 37C of the Pension Fund Act.

Which means the trustees of the fund will use their discretion to distribute the proceeds of your retirement savings to insure all dependents and beneficiaries receive equal and fair benefits. Belonging to a retirement fund you will be required to nominate beneficiaries but its important to remember the beneficiary nomination is seen as a guide to the trustees or a “wish list” and the ultimate decision on how the benefits get distributed lies with the trustees of the fund.

As shown above, it is important to keep your Will and nominated beneficiaries updated on your policies and retirement funds. So how to plan for succession?

The first step is to talk to your family members about your investments and the administrator of these investments. Secondly you can create an organised folder with all the documentation of your investments, policies, copy of your Will and personal documents like your ID copy and bank statements. Your family does not need to know the value of the investments but the knowledge of the investments and where to find all your important documents will make it easier for them to start the claim process. Speak to a certified financial planner for advice on your beneficiary nominations and to formalise your wishes in a document, thus setting up a will.

Continue Reading






By Buhle Langa, certified financial planner at Alexforbes

Financial independence is important during any person’s lifetime, at all stages.

By starting to plan for your retirement early in your working life, you can maintain your standard of living in your retirement years. While a life partner can be wonderful, they should not be considered as a part of your retirement plan as they may not even have saved sufficiently to meet their own requirements.

Women tend to live longer than men, and since research shows they generally earn less, this means that they need to save more, for longer, than their male counterparts.

It is important to familiarise yourself with how you were married and what the terms are should the marriage end either in divorce or death. If you are married in community of property, both you and your spouse’s assets will form part of your deceased estate and your spouse will automatically, by law, be entitled to 50% of the combined assets.

You can be married out of community of property with or without the accrual system. Being married without accrual is the easiest system to work with in your will and estate; your assets remain your own and you may deal with your assets as you wish with no claim from your surviving spouse.

Buhle Langa

Often, a home will be registered in one partner’s name while the other contributes to the bond repayments. If you are not married or are married out of community of property, ensure that you have a written cohabitation agreement. These financial contributions can be difficult to prove if the relationship ends, leaving the one partner with no claim to the property.

Having sufficient planning in place for both parties is always advisable, and each party should have their own savings and investments. A tax-free savings account is a great place to start, allowing you to save up to R36 000 a year without paying tax on the growth.

Increasing your contributions to your work retirement fund will help you accumulate larger savings for your retirement. To take advantage of the benefits of compound interest and avoid a hefty tax liability, it is also advised to keep your retirement savings invested when changing jobs. When leaving your employer, a number of tax-free options are available to you and one should seek financial advice in order to understand which of these is the best choice for you:

  • Transferring your savings to your new employer fund
  • Transferring your savings into a retirement annuity fund
  • Transferring your savings into a preservation fund
  • Keeping your funds invested within your previous employers retirement fund through a paid up status (not contributing further to the fund).

Each of the options noted have varying implications such as when you would be able to access the retirement funds either through resignation, dismissal or retirement and whether you are able to continue contributing towards the fund, therefore each individual person would need to seek financial advice from an accredited financial advisor so as to determine which option would best suit their individual needs.

Regular consultations with a certified financial planner will ensure that you are on track for a secure retirement.

Continue Reading



Business8 hours ago

Solving the Future of Decarbonisation in Real-Time

Jamil  Ahmed, Distinguished Engineer at Solace   The energy sector has faced many disruptions and challenges in recent years, from...

Banking14 hours ago

Resilient technology is the most important factor for successful online banking services

By James McCarthy, Director of Solutions Engineering, NS1   More than 90 percent of people in the UK use online...

Technology14 hours ago

Why anti-spoofing fingerprint technology is essential for the continued growth of digital payments

Anthony Eaton, CTO, IDEX Biometrics   The digital payments revolution is being driven by consumer demand for ever increasing convenience....

Finance15 hours ago

Why Financial Services must ‘Change its Change’ to deliver results

By Hervé Mazenod, Managing Director, Financial Services Sector at Webhelp  You can almost hear the collective sigh of relief from financial...

News15 hours ago

Real-time payments are here to stay and with good reason 

Real-time Payment (RtP) models are here to stay for the foreseeable future alongside traditional payment schemes. But as businesses increasingly...

Business15 hours ago

Criminal Minds: Account Opening Fraud Tactics put to the Test

By Raj Dasgupta, Director, Global Advisory, BioCatch   The last two years have created a perfect storm for account opening...

Business4 days ago

Know Your Business (KYB): Exceeding KYC

Victor Fredung, CEO at Shufti Pro   Money laundering costs the UK more than £100 billion pounds a year, according...

Finance1 week ago

Mini-Budget 2022:

Tax giveaway is a boost for business, but will it drive growth or fuel inflation?   Chancellor Kwasi Kwarteng has...

Finance1 week ago

A zero trust environment is critical for financial services

Boris Bialek, Managing Director of Industry Solutions at MongoDB Not long ago security professionals were still focused on protecting their...

Banking1 week ago

Digital Banking – a hedge against uncertainty?

Ankit Shah, Head of Digital Banking, Apex Group   The story of the 2020’s thus far is one of crisis....

News2 weeks ago

Union Bank of India goes live with RuPay Credit Card on UPI with as a technology partner

Nitesh Ranjan, ED Union Bank of India with Rajesh Mirjankar, Managing Director & CEO, at the launch,...

Finance2 weeks ago

Anyone Can Become an R&D Tax Expert with the Right Foundations

Ian Cashin is a Customer Success Manager at Fintech company and R&D tax software provider WhisperClaims   For accounting firms,...

Business2 weeks ago

Addressing the ongoing global pilot shortage issue

By Bhanu Choudhrie, Founder of Alpha Aviation   The Covid-19 pandemic brought the aviation industry to a halt, causing vast...

Business2 weeks ago

How exporters can mitigate risks and operate smoothly in stormy, post-Brexit waters

By Morgan Terigi is Co-Founder and CEO of Incomlend   The past few years have presented a series of hurdles...

Business2 weeks ago

From employees to customers, workforce management can benefit the entire banking ecosystem

Michael Cupps, SVP of Marketing of ActiveOps explores the significant impact workforce management can have on the employees and customers...

Business2 weeks ago

Redefining the human touch with digital transformation

Simon Kearsley, CEO of bluQube   It may not be a new phrase, but digital transformation is still inducing anxiety...

Finance2 weeks ago

CFOs – the forgotten ally in the fight against ransomware

Justin Vaughan-Brown, VP Market Insight at Deep Instinct   Ransomware attacks have nearly doubled in the past couple of years....

Technology2 weeks ago

7 cost benefits of cloud accounting software

By Paul Sparkes, Commercial Director of iplicit, an award-winning accounting software developer   Is your accounting software having a laugh...

Business2 weeks ago

How does Identity Access & Privileged Access Management help in PCI DSS Compliance?

Narendra Sahoo is a director of VISTA InfoSec. Introduction The Payment Card Industry Data Security Standard also commonly referred to...

Finance2 weeks ago

Listed private debt deserves a closer look from investors

By Michel Degosciu, Managing Partner, LPX AG Over the past few years, the private debt asset class is attracting serious...