Cyber for Plan Sponsors

What are Common Cyber-Threats?


A cyber-attack is a digital assault by cyber-criminals using a technical device to sneak through private records on a single computer, multiple computers, or computer networks. Cyber-attacks can swiftly disable computers, swipe essential data, or hijack a breached computer as a launching point for subsequent attacks. Cyber-thefts have a variety of malicious digital strategies under their belts.

Here are a few common cyber-attack methods:

  1. Malware is malicious software that breaches a network through a particular vulnerability that sprouts when a user clicks on a suspicious link or an email attachment that subsequently installs risky software. Once within your system, malware can obtain information by transmitting data from the hard drive, block access to critical components of the network, install malware or other harmful software and disturb vital components, thereby rendering your system inoperable. Malware can pierce your security by employing spyware, viruses, ransomware, and worms.
  2. Phishing involves sending fraudulent communications that pretend to come from a reliable source. Phishing is used by cyber-criminals to snatch sensitive information like login credentials and credit card information. This practice is becoming increasingly more common as more and more companies augment their remote presence.
  3. DNS Tunneling. You may be unaware of this criminal practice, but this tactic is more common than you may think. DNS tunneling, or Domain Name Servers tunneling, is the ability to encode data of other protocols or programs in DNS queries and responses. These tunnels are used to disguise outbound traffic like DNS, conceal data that passes through an internet connection or to control and command callbacks from the attacker’s infrastructure to a compromised system.
  4. Zero-Day Exploit. A zero-day exploit strikes after a network vulnerability is detected and before a solution is applied. During this sliver of time, cyber-criminals target the uncovered vulnerability and steal data.
  5. SQL Injection. A Structured Query Language Injection, or SQL Injection, transpires when a hacker places malicious code into a server that utilizes SQL and compels servers to reveal information it usually wouldn’t.
  6. Man-in-the-middle Attack. Also known as eavesdropping attacks, this activity happens when criminals slide in between a two-party transaction. Once attackers interrupt traffic, they can filter and swipe data.
  7. Denial-of-service These attacks flood servers, systems, or networks with traffic to exhaust resources and bandwidth, resulting in the system’s inability to fulfill legitimate requests. Hackers can also utilize several compromised devices to stage this attack.

Any company that sponsors a pension plan for its employees must comply with ERISA bonding requirements. In addition, a part of the fiduciary liability of the owner of the business (the plan sponsor/fiduciary) and its plan administrators is to secure cyber liability insurance to protect its plan participant’s very sensitive, personal, confidential information. Participants in a pension plan have increased exposure to the leaking of this personal confidential information like their name, address, email, social security number, and bank account information are held within the plan, online in most cases because most plans are managed online. Cyber hackers prey on benefit plans for this reason. Therefore, obtaining Cyber Liability Insurance or pension plans is essential to meet the fiduciary responsibilities of managing a plan.

At Colonial Surety Company, we never want your company to be unprepared if a cyber-breach occurs. That’s why we have Cyber Liability Insurance for plan sponsors! Our cyber protection covers both the company and the company’s retirement plan. Our Fiduciary Liability Insurance covers the plan sponsor, and of course, the Department of Labor Required ERISA Fidelity bond protects the plan and its participants. Full circle protection with all three of these important coverages is offered exclusively by Colonial Surety Company in our two-to-three-year ERISA bond packages, which include ERISA coverageFiduciary Liability Insurance, and Cyber Liability Insurance, to give you full circle protection you can’t get anywhere else!