Gallagher targeted by a ransomware attack

US broker Arthur J Gallagher & Co has revealed that it has been on the receiving end of an attempted ransomware attack.

According to the broker, it first detected the ransomware attack on 26 September 2020.

In an 8k filing with the US Securities and Exchange Commission (SEC) the broker said:

“We promptly took all of our global systems offline as a precautionary measure, initiated response protocols, launched an investigation, engaged the services of external cybersecurity and forensics professionals, and implemented our business continuity plans to minimise disruption to our customers.”

Gallagher also said in the SEC filing that it has restarted, or is in the process of restarting, most of its business systems.

“Although we are in the early stages of assessing the incident, based on the information currently known, we do not expect the incident to have a material impact on our business, operations or financial condition,” the statement said.

Gallagher did not reveal if any sensitive data was accessed by the attackers.

The attack on Gallagher comes as specialist insurer Beazley recently reported a 25% spike in ransomware attacks in the first quarter of 2020 versus Q4 2019, based on incidents reported to in-house breach response team Beazley Breach Response (BBR) Services.

The quarter also saw a significant increase in the levels of phishing attacks as criminals saw the opportunities that have been presented by the pandemic and the lockdown.

While nearly all industries reported incidents, the manufacturing sector was the hardest hit with a 156% increase in incidents quarter-over-quarter.

Although manufacturing saw the biggest rise in ransomware incidents, the most affected sectors continue to be financial services and healthcare, which together accounted for half of all ransomware attacks reported to Beazley in the first quarter.

Ransomware attacks against vendors and managed service providers (MSPs) continued to pose problems in the first three months of this year and not only for the targeted business but often their downstream clients, too. Banks and credit unions and healthcare organisations were particularly hard hit as a result of attacks against MSPs.