Nearly three-quarters (74%) of Americans worry occasionally or frequently about having their personal information stolen by computer hackers. These fears aren’t unfounded: Nearly 850,000 cybercrimes were reported to the Federal Bureau of Investigation in 2021, with potential losses estimated at $6.9 billion.
Personal cyber insurance is an emerging type of coverage for cybercrime, including internet fraud and cyber attacks. Learn how cyber coverage for individuals works and how it could help protect your assets from online threats.
Weaknesses In Your Home’s Cybersecurity
Many Americans rely on their home internet networks for day-to-day tasks like making purchases, paying bills, and staying in touch with friends and family. Unfortunately, criminals take advantage of this technology to commit internet fraud and other cyber crimes.
Home cybersecurity is the practice of defending a household from these online threats. It includes protecting the home network and any internet-connected devices, such as computers, smartphones, and tablets. It also includes making online accounts more secure.
When cybercriminals find weaknesses in a home’s cybersecurity system, they can steal the sensitive information they need to commit identity theft or other crimes. Some criminals even hold computer files or systems hostage in exchange for a ransom.
Two recent trends expose Americans to a greater risk of cybersecurity incidents: the rise of working from home and the increasing popularity of smart devices.
Working From Home
The number of Americans working from home soared during the COVID-19 pandemic, and as of June 2022, 78% of people who could do their jobs remotely were working from home at least part of the time. Since workplaces often possess cybersecurity measures that remote workers lack, the transition to remote work exposed employees to new security threats.
The weaknesses of home cybersecurity are partly due to differences in hardware. For example, business-grade routers have more advanced security features than routers available to consumers. Similarly, business-grade computers include additional features that help keep data secure.
Another weakness of at-home cybersecurity is the lack of professional support. Workplace information technology (IT) departments maintain layers of protection to thwart cyber threats, from filtering out malicious emails to blocking users from installing new programs that contain malware. They also ensure the software is kept up-to-date, which is essential because outdated applications may have known flaws for hackers to exploit.
In 2020, 28% of Americans had at least one smart home device, while 11% had three or more. These devices are convenient, from smart speakers to connected thermostats to video doorbells, but they can expose consumers to cybersecurity threats.
Smart devices are an attractive target for cybercriminals because they’re weak spots in consumers’ home networks. Many smart devices have no password or an easy-to-guess default password, and some consumers don’t take advantage of device security features like encryption. Connected devices with software flaws or vulnerabilities provide opportunities for hackers to gain access.
Due to these weaknesses, many security incidents involving smart devices have been reported. For example, hackers have exploited fax machines to access sensitive data on the network or taken control of connected cameras or microphones to spy on consumers.
Common Breaches of Cybersecurity
Cybersecurity breaches occur when criminals succeed in their attempts to break into home networks, internet-connected devices, or online accounts. Like offline criminals who gain access to homes through unsecured doors or weak locks, cybercriminals take advantage of weak spots in a home’s online security.
There are many potential types of cybersecurity breaches. However, some common types include internet fraud, cyber attacks, ransomware, data leaks, and cyberbullying.
Internet fraud is a broad term that entails using the internet to trick or cheat someone to obtain money illegally. Spoofing and phishing are common types of internet fraud; criminals create fake emails or websites to trick consumers into sharing personal information, such as account numbers and passwords.
With this stolen information, cybercriminals may apply for fraudulent loans and credit cards in victims’ names or transfer funds out of victims’ bank or brokerage accounts. These crimes can leave victims with financial losses or damaged credit histories.
Cyber attacks, commonly known as hacks, are attempts to break into computer systems or networks, typically to steal data or cause damage. For example, cybercriminals might infect computers with malicious software (malware) to steal sensitive information or use password-cracking tools to break into consumers’ accounts.
When cyber attacks are used to commit online fraud, victims may have money stolen from their bank accounts or have their credit histories negatively impacted by fraudulent loans. Malware often impacts the performance of consumers’ devices, resulting in frequent crashes, excessive pop-up ads, and reduced battery life; in some cases, infected devices become unusable.
Ransomware is malware that turns computer files into unreadable code to render them unusable. Criminals then demand ransom money to restore the files to their original state and sometimes threaten to sell victims’ private data if the ransom isn’t paid.
Ransom demands higher than $1 million have been reported, and there’s no guarantee that people who pay the ransom will regain access to their files. Cybercriminals use tactics to make it harder to restore the system, such as deleting backups, so recovering from a ransomware attack may mean hiring a data recovery specialist.
Data leaks happen when sensitive information — like addresses, Social Security numbers, credit card numbers, and account passwords — is accidentally exposed online. Leaks occur for many reasons, from companies storing data in insecure databases to individuals mistakenly sending private information to the wrong person.
However a data leak occurs, it gives criminals access to the personal information they need to commit identity theft-related crimes. These crimes include using leaked personal information to apply for credit in victims’ names or falsely filing tax returns to steal victims’ refunds.
Cyberbullying, also known as online harassment, means using the internet to harass or threaten another person. The goal is typically to shame the victim or damage their reputation. Cyberbullying practices include posting defamatory statements, sharing sensitive photos, or impersonating someone online.
Damage to victims’ reputations may result in the loss of a job, expulsion from school, and in some cases, criminal charges. Other potential costs of recovering from cyberbullying include legal, public relations, or relocation fees.
What Does Cyber Insurance Cover and How Does It Work?
Personal cyber insurance typically offers coverage for the common breaches of cybersecurity outlined above, though the specifics of this coverage vary from insurer to insurer. Some insurers offer coverage for additional cybersecurity-related incidents.
Online fraud coverage helps cover policyholders’ financial losses when scammers steal money from bank accounts. It also helps cover other costs of recovering from internet fraud, such as legal fees or credit monitoring services.
Cyberattack coverage helps policyholders pay for data recovery and device clean up after a hack. For instance, it might pay for scanning and removing malware or reinstalling the operating system. Some policies pay for replacing digital property, such as music or eBooks.
Ransomware coverage, also known as cyber extortion coverage, helps policyholders regain access to their computer systems. Depending on the policy, this coverage may pay for support from data recovery specialists or funds to pay a ransom.
Data leak coverage helps policyholders respond to breaches of privacy that affect their finances. For instance, some policies pay for credit monitoring services to alert consumers of potential fraud.
Cyberbullying coverage pays for certain costs related to cyberbullying incidents. Depending on the policy, these costs could include lost wages, legal fees, and relocation fees. Some policies cover mental health care to help cyberbullying targets cope with the experience.
Some insurers offer additional services as part of their home cyber protection coverage. These extras include internet security software or access to cyber risk specialists who provide personalized advice about staying safe online.
What Does Cyber Insurance Not Cover?
Exclusions vary from insurer to insurer. In general, personal cyber insurance doesn’t cover breaches of cybersecurity related to:
- Business activities: Business-related incidents (such as a breach of customer information) fall under commercial cyber liability insurance.
- Negligence: Insurers expect policyholders to take steps to maintain their home’s cybersecurity, such as choosing strong passwords.
- Widespread events: “Widespread” cyber attacks are those carried out against thousands or millions of individuals.
- Acts by certain people: Insurers exclude coverage for cyberattacks carried out by people close to the policyholder, such as family members or roommates.
Ask your agent or insurer for details about what a specific personal cyber insurance policy doesn’t cover.
Do You Need Cyber Insurance?
Insurance for cybercrime is designed to help shield Americans from the financial costs of cyber attacks and other online threats. Consumers may benefit from home cyber protection coverage if they live in the 85.3% of households with an internet subscription.
While anyone who uses the internet could be affected by cybercrime, some consumers may see more value in personal cyber insurance coverage than others. This includes people who use mobile banking apps to manage money or investments and have multiple smart devices connected to their home networks. This type of coverage also appeals to social media users who are concerned about cyberbullying.
Talk to a trusted agent to help determine if insurance for cybercrime makes sense for your family.
How To Buy Cyber Insurance Protection
Some insurers offer personal cyber insurance coverage as an endorsement for homeowners or renters insurance policies. Standalone cyber insurance for individuals is also available. Work with a trusted agent to buy insurance for cybercrime.
The cost of adding personal cyber protection to a homeowners or renters insurance policy varies, but premiums tend to be relatively affordable. The annual premium for $25,000 in cyber insurance protection ranges from around $20 to $60 per year. For $50,000 in coverage, consumers pay around $40 to $85 per year. Higher coverage levels are available from some insurers.
Some home insurers don’t offer cyber insurance endorsements, but policyholders have other options. Identity theft coverage is a widely available endorsement that covers costs related to financial fraud, including online fraud committed by cyber criminals. Standalone personal cyber insurance is an option for consumers who want coverage for a broader range of online threats.
Simple Steps to Protect Yourself Online
Cyber insurance for individuals doesn’t replace the need for home cybersecurity. To protect yourself online, take simple steps to harden your home against cyber criminals:
- Choose strong passwords: The most commonly used passwords in 2022 were “password” and “123456,” which are easy for hackers to guess. For more robust security, choose complex passwords that contain a variety of letters, numbers, and symbols.
- Use VPN software: Virtual Private Networks (VPNs) are designed to help consumers shield their online activity from cybercriminals.
- Update devices and software: Updates are developed to repair security holes in operating systems and software. Out-of-date programs with security flaws are easily exploitable by cybercriminals.
- Turn on 2-factor authentication: This security feature is designed to prevent cybercriminals from accessing accounts with stolen passwords. Users are prompted to enter a unique access code (often sent by text or email) to prove they’re the account owner.
- Back up critical files: Make extra copies of important files to reduce the risk of losing digital data to a ransomware attack. Potential backup locations include external hard drives and cloud-based storage.