case study
DDoS Attacks: Business Interruption Intervention
In today’s digital economy, even small companies can suffer under the siege of malicious cyber attacks — whether for extortion or entertainment. When threat actors deployed a distributed denial-of-service (DDoS) attack to disrupt a toy retailer's website traffic, Coalition helped plug the attack vector and provided business interruption coverage.
Industry
Specialty Retail
Background
1-25 employees
Coverages for business interruption and breach response
Case Study
When hackers try toying with business operations.
A specialty toy retailer received an email threatening continued DDoS attacks unless the retailer conceded to the attacker’s demands. The policyholder had experienced once-daily attacks which took their store offline for four to five minutes at the time they received the email, which was passed from the customer support team to the CEO. The CEO reached out to Coalition, using our standard communication channel, approaching 9 pm California time. We responded within 20 minutes, and within an hour, we were on the phone with the CEO.
After a brief explanation, the CEO looped in the company’s IT team which runs their custom e-commerce infrastructure. We started a multi-time zone call to dive in, combing through logs, reviewing DNS settings, and digging into firewall configurations. During the conversation, the company updated its security groups, proxied (protected) more traffic, and changed its server’s public IP address. After some more back-and-forth, we uncovered a firewall rule put in place long ago which allowed all traffic from the United States through, regardless of other protections.
Once this rule was removed, all was well. The attackers returned in the following days, but their throttled attempts were not disruptive, and the attack activity stuck out like the proverbial sore thumb — easy to mitigate.
Business interruption is the key coverage in play. If a security failure such as a DDoS disrupts your business, you may qualify for lost income and expenses under your insurance policy. Coalition is unique in the marketplace in that our waiting period does not act as a deductible, just a trigger for the time period that a business interruption must satisfy prior to coverage being available. Several services qualify for Coalition’s enhanced waiting period, which means less interruption (only one hour) before coverage kicks in.
Coalition provides Active Risk Assessment of an organization’s real-time cyber risk, Active Protection through continuous threat monitoring, and Active Response to incidents if they occur — providing the most comprehensive insurance available to solve cyber risk.
Ready to learn more?
Blog
Our brokers and policyholders get access to all of the intel we have on how to prevent, remedy, and recover from breaches of all kinds.
Newsroom
We’re bringing a new approach to managing digital risk, and the world has noticed. Here’s what people are saying about Coalition.
Careers
We’re a team of experts, backed by powerful partners, developing a safer world.
Coalition’s products are offered with the financial security of Allianz Group* (A.M. Best A+ rating), Arch Specialty Insurance Company (A.M. Best A+ rating), Ascot Group** (A.M Best A rating), Fortegra Group (A.M. Best A- rating), Lloyd’s of London (A.M. Best A rating), Swiss Re Corporate Solutions*** legal entities (A.M. Best A+ rating), Vantage Risk Specialty Insurance Company (A.M. Best A- rating), and Chaucer Insurance Company DAC (A.M. Best A rating).
