Tokio Marine Insurance Singapore hit by ransomware attack

A ransomware attack on an insurance company can often lead to serious repercussions. Despite all the protections taken, cybercriminals still always find a way to launch cyberattacks on them.

Tokio Marine Insurance Singapore, a subsidiary of Tokio Marine Group announced it was hit by a ransomware cyberattack last week. The insurance company released a statement saying that has taken necessary measures including the isolation of the network to prevent further damages and filed the necessary reports to local governmental agencies. In a response to the incident, Tokio Marine Group has been working to identify the scope of damages.

“At this time, we can confirm that there is no indication of a breach of any customer information nor confidential information of the Group. We have appointed an external specialized vendor to perform a third-party analysis of the systems to verify the scope of impact,” said the statement.

The insurance company also confirmed that the ransomware cyber-attack exclusively affected the Singapore subsidiary only, and there is no damage or impact on other group companies. The insurance group has taken information security safeguards so far and will endeavor to make further efforts to keep customer information as well as confidential information protected.

Could the ransomware attack have been avoided?

Tech Wire Asia reached out to several cybersecurity experts to get their views on the ransomware attack.

For Jonathan Knudsen, senior security strategist at Synopsys, “as details about the Tokio Marine Insurance Singapore ransomware attack continue to emerge, questions will be asked. The most common ones on everyone’s mind is will the ransom be paid? Can data be recovered? What kind of damage will this cause? The only question that matters is: how can a problem like this be prevented?”

Jonathan explained that the reason ransomware is so successful is that so few organizations are properly prepared. Organizations often focus solely on functionality when selecting, deploying, and operating software. They work hard to make software do what they want it to do, but security and robustness are often neglected or ignored. To prevent accidental or malicious disruptions, organizations must adopt a proactive, security-first approach to software.

“Where is your data? How is it protected? If something bad happens, like a ransomware attack or a tsunami, how will you recover? Software is a powerful tool for organizations of all kinds, but it must be selected, deployed, operated, and maintained inside a framework of security and resilience.”

Meanwhile, Stephane Konarkowski, Security Consultant at Outpost24, believes that visibility is key as cybercriminals are now targeting insurance companies. He commented that it is essential for insurance security professionals to have continuous insights into their digital footprint and attack surface, as very often they are in the dark about how publicly exposed they are which will impact their security posture.

“Insurance providers need to better understand the underlying attack vectors that could impact their overall security, and take a more proactive approach to improve cyber hygiene by closing off potential backdoors, before hackers find them. This can only be achieved through continuous assessment and monitoring,” said Stephane.

While Tokio Marine Insurance Singapore is a subsidiary, the fact that remains is businesses in Singapore are still being heavily targeted by cybercriminals due to a lack of security. Be it large subsidiaries or SMEs, they are all at risk of being targeted.

If a large subsidiary in a highly regulated industry can end up being a victim of ransomware, there is no saying how the smaller businesses are coping with the growing and evolving threats out there. Companies need to prioritize cybersecurity, even if it means investing more in it as failure to do so may only lead to harsher consequences.

 

---

---

---

---