
Awareness of the major sources of cyber threats is essential in developing an effective cybersecurity strategy for protecting retirement, pension, health, and welfare plan (collectively employee benefit plans or “EBP”) data and assets. This briefing explores some of the primary origins of cyber threats, shedding light on this modern menace for plan fiduciaries and its complex and multifaceted nature.


Seven sources threaten EBP assets and data

The cybersecurity of EBPs and other workplace programs may face threats from various external sources. Here are some key external sources that pose a risk to the confidentiality and privacy of employees’ information:

Hacktivism

Hacktivism is a form of cyber threat where individuals or groups with ideological or political motivations engage in unauthorized activities to promote their agenda. These actors may deface websites, leak sensitive information, or disrupt online services to draw attention to their causes. Prominent hacktivist groups like Anonymous have been known to launch cyberattacks against government entities, corporations, and organizations to advance their social or political beliefs.

Cybercriminals

Cybercriminals are motivated by financial gain and are responsible for a significant portion of cyber threats. They employ various tactics to steal money or valuable data from individuals and organizations, including phishing, ransomware attacks, and identity theft.

The underground cybercrime economy thrives, with criminals continuously developing sophisticated tools and techniques to exploit vulnerabilities.

Nation-State Actors

Nation-state actors, including intelligence agencies and military organizations, pose a significant cyber threat. These state-sponsored hackers conduct cyber espionage and disrupt critical infrastructure to gain a strategic advantage. Notable examples include the Russian hacking group APT29 (Cozy Bear) and the North Korean Lazarus Group, which have been implicated in high-profile cyberattacks.

Insider Threats

Insider threats originate from individuals within an organization who abuse their access privileges to compromise data or systems. These individuals may be current or former employees, contractors, or business partners. Insider threats can result from negligence, disgruntlement, or deliberate malicious intent. Preventing insider threats requires a combination of technical controls and employee training.

Malware and Malicious Software

Malware, short for malicious software, is a common source of cyber threats. It includes viruses, worms, Trojans, spyware, and ransomware. Cybercriminals use malware to infect computers, steal data, disrupt operations, or hold data hostage. The distribution of malware often involves deceptive tactics such as email attachments, malicious links, or drive-by downloads.

Phishing Attacks

Phishing attacks are a form of social engineering where cybercriminals impersonate trusted entities to deceive individuals into revealing sensitive information like login credentials or financial details. Phishing emails, text messages, and websites are designed to appear legitimate, making them a potent source of cyber threats. Effective cybersecurity awareness training is crucial to mitigate the risk of falling victim to phishing attacks.

Service Providers

Supply chain vulnerabilities have become a source of cyber threats in recent years. Cybercriminals may target the weaker links in a supply chain to gain access to larger data pools. For example, intrusion into a payroll provider’s system can yield e-mail addresses of plan participants that can be used to make fraudulent withdrawal requests from their retirement plan accounts. This approach was evident in the Colgate-Palmolive cyberattack in 2020, where a malicious actor compromised a 401(k) plan recordkeeper, obtained a participant’s e-mail address, and used it to get away with the full $750,000 balance in her account.

Conclusion

The landscape of cyber threats is dynamic and multifaceted, with various actors and motivations at play. Understanding the major sources of cyber threats is crucial for plan committees to ensure their plans’ vendors and IT departments bolster their cybersecurity defenses.

While there is no one-size-fits-all solution, proactive measures such as robust cybersecurity practices, employee training, and threat intelligence sharing can help mitigate the risks posed by these digital dangers. As cyber threats continue to evolve, so must our efforts to protect the digital realm.




Manage your threats digitally

Cybersecurity threats from external sources can be managed digitally through a combination of technological solutions and best practices.

Real-time tracking of third-party data networks, such as those used by recordkeepers and health care providers, is a state-of-the-art technology capability found in Cyber-ProtectRC from Roland|Criss.
