Defend Insurance Companies Against Cyberattacks

Cyberattacks against insurance companies are on the rise

The insurance industry has always been an attractive target for cybercriminals because of the significant amount of sensitive data they hold. But now the frequency and intensity of cyberattacks against the insurance industry are rising.

The prime target for attackers is the identity system, which for most organizations, including insurance companies, is Active Directory. AD is involved in 9 out of 10 ransomware attacks, according to Mandiant researchers. The consequences can be severe, including financial losses, reputational damage, and legal ramifications.

amount CNA Financial Corp paid in 2021 to Phoenix CryptoLocker ransomware operators
of the largest insurance carriers are susceptible to phishing
is the likelihood insurance companies have experienced a cyber breach than other sectors

AD is a common target in attacks against insurance companies

The majority of businesses worldwide use Microsoft Active Directory as their primary identity store—the method by which they control access to company information systems. And Active Directory has inherent security weaknesses that are frequently exploited by cybercriminals. Semperis has helped some of the largest insurance companies in the world recover AD from cyberattacks.

Learn more

Gain control of identity security

If Active Directory isn’t secure, nothing is. Semperis helps insurance companies prevent, mitigate, and recover from identity-related breaches.

Challenges

checklist icon
Solutions

Cybercriminals target insurance companies’ Active Directory environments because as a 20-plus-year-old technology, AD has inherent security soft spots that are easy to exploit.
Semperis scans your AD environment to uncover indicators of compromise (IOCs) and indicators of exposure (IOEs) resulting from misconfigurations over time or from in-progress attacks.
After gaining entry into an insurance company’s information systems, malicious actors can move laterally through the environment, often flying under the radar for weeks or months.
Semperis flags in-progress attacks that go undetected by SIEMs and other traditional log-based or agent-based solutions. Plus, Semperis autonomously rolls back malicious AD changes and offers manual rollback for Azure AD.
Cyberattacks can bring insurance companies to a halt, increasing the likelihood of businesses paying hefty ransoms rather than compromising customer data, which can lead to millions of dollars in legal damages as well as reputational damage.
Semperis cuts the time to fully recover the Active Directory forest from days or weeks to minutes or hours, ensuring that insurance companies can quickly resume operations without fear of reintroducing malware that could bring the business down a second time.

Why AD systems in insurance companies are vulnerable

Insurance companies are a prime target for cyberattackers because they are lucrative targets: They hold large amounts of personal data, are vulnerable to supply chain attacks related to line-of-business software, and frequently embrace online services for customers’ convenience. IT and security teams in insurance companies face multiple challenges related to identity security:

Supply chain attacks
Data security
Interconnected with sources of other businesses
Adoptions of new online services
Massive amount of personally identifiable information (PII)
Limited budgets

How Semperis helps insurance companies defend against AD attacks

Without the Active Directory AD-specific protection that Semperis provides, insurance companies are vulnerable to cyberattacks.

Here’s how Semperis helped a large European insurance company recover from an AD-related attack.

French insurance company combats active ransomware attack with help from Semperis

Situation

An in-progress attack on a large French insurance company threatened to compromise the entire system.

Challenge

Attackers gained access to the company’s AD environment by exploiting misconfigured security settings.

Solution

Semperis’ Purple Knight security assessment tool found numerous AD based indicators of exposure and compromise.

Benefits
  • Detected vulnerabilities and closed security holes
  • Eliminated numerous additional indicators of exposure
  • Provided proactive continuous protection with Directory Services Protector

Defending insurance organizations against AD-related attacks

Learn how Semperis helps organizations defuse in-progress attacks.

Watch now

Leading insurance companies trust Semperis

Top insurance companies rely on Semperis to safeguard their most valuable assets, maintain compliance, and achieve operational efficiency in an ever-evolving digital landscape.

#2

AUTO INSURER IN THE US

#3

HEALTH INSURER IN THE US

Our mission resonates with industry leaders
Manufacturing

The Purple Knight report helped us take action on items right away, such as shutting down or disabling Active Directory accounts that shouldn’t have been enabled. And then it helped us develop a long-term maintenance plan.

Learn more Kevin Dreyer CISO, Maple Reinders
Amoco Federal Credit Union

Semperis was able to backup and restore AD insanely quickly. During our testing, we were able to back up and restore our Active Directory within 20 minutes to a completely different datacenter with minimal downtime. During a normal backup scenario, that could take 24-36 hours.

Paul Ladd AMOCO Federal Credit Union VP of Information Systems & Technology
Gartner Peer Insights

We have lots of changes happening to our Active Directory environment, adding Linux servers, etc… [Directory Services Protector] helps us monitor and revert dangerous changes with one button click.

Read review IT Team Member, Enterprise Organization

Our resources

Learn more about how to defend against identity-related cyberattacks.