Over the last few years, cyber security has focused on incidents where there is no contact with the criminal. That is, a data breach would occur and the criminal would be long gone before the victim knew there was an issue. Recently, we have seen cyber security incidents evolve to a point where the victim and criminal must confront each other in some manner. One example is the rise of ransomware, where the victim must negotiate with the criminal to regain access to their data. Some insurers have already responded to the ransomware risk by offering cyber extortion endorsements.
Another example where victims and criminals interact is cyberbullying, where the victim is harassed by a criminal via e-mail or social media. Recent statistics show many schools and households are struggling with cyberbullying. For example, the U.S. Department of Health and Human Services provides the following facts and statistics related to cyberbullying:
- Cyberbullying can happen 24 hours a day, 7 days a week, and reach a kid even when he or she is alone.
- Cyberbullying messages and images can be posted anonymously and distributed quickly to a very wide audience.
- It can be difficult and sometimes impossible to trace the source. Deleting inappropriate or harassing messages, texts and pictures is extremely difficult after they have been posted or sent.
Additionally, the 2013-2014 School Crime Supplement (National Center for Education Statistics and Bureau of Justice Statistics) indicates that 7% of students in grades 6–12 experience cyberbullying. The 2013 Youth Risk Behavior Surveillance Survey also finds that 15% of high school students (grades 9-12) were electronically bullied in the past year.
Last year, the Colorado legislature enacted “Kiana’s Law” to address cyberbullying. Kiana’s Law is named after Colorado teenager Kiana Arellano, who tried to commit suicide after receiving anonymous bullying text messages such as “you’re pathetic,” “nobody likes you at school” and telling Kiana she should kill herself. After attempting suicide, Kiana was left with a traumatic brain injury. The person that sent these messages was not prosecuted since there was no law prohibiting this conduct at the time.
Cyberbullying is not limited to children, as reports indicate that 73% of American adults online have seen someone be harassed online and 40% have personally experienced it. For example, musician Carrie Underwood was recently the target of cyberbullies who accused her of being “fake” and having plastic surgery.
Under Kiana’s Law, cyberbullying is now a misdemeanor form of harassment in Colorado, punishable by a fine of up to $750 and/or up to six months in jail.
In December 2015, Chubb Insurance began offering cyberbullying insurance coverage in the United Kingdom for cyberbullying victims, including counseling and lost income benefits for work missed due to harassment. Chubb’s policies define cyberbullying as “three or more acts by the same person or group to harass, threaten or intimidate a customer.” Last week, Chubb expanded it’s cyberbullying coverage outside of the U.K. to customers in Colorado, Illinois, Indiana and Wisconsin, which will provide $60,000 toward expenses caused by cyberbullying to its policyholders.
It is becoming increasingly clear that cyber crime is evolving to catch victims before they have the opportunity to put safeguards in place. For example, just as corporations and individuals started implementing plans and insuring against a data breach risk, criminals changed tactics and moved onto ransomware and cyberbullying. Therefore, the only way to implement proper technology and insurance safeguards is to vigilantly monitor cyber crime trends.