Guidewire Cyence Identifies Hundreds of Companies Impacted by Cyber Vulnerabilities

Our aspiration at Guidewire Cyence is to enable insurers to establish themselves as the ultimate cyber risk transfer destinations for their clients. Guidewire Cyence Risk Analytics is the most advanced cyber solution available—an economic cyber risk modeling solution that adjusts as the cyber landscape shifts. Guidewire Cyence continuously gathers data and updates economic models based on changing circumstances, delivering tangible benefits to insurers and their customers as they face the volatility generated from evolving 21st-century risks.

To further our commitment, we’ve adopted a proactive approach to help insurers understand their exposures and craft strategies to mitigate losses.

Guidewire Cyence Takes Action

When a cyber vulnerability is identified by a credible source (such as NIST), the Guidewire Cyence team works to reverse-engineer the identified vulnerability, but for a different reason from the hackers. By understanding the mechanism, our engineers isolate the publicly observable characteristics of a firm’s cyber profile that suggest its susceptibility to such a vulnerability. We leverage a custom assessment tool that collates these characteristics from our data collection engine and identifies the affected firms.

In a recent Cyber Bulletin, we informed our customers of the following vulnerabilities that were recently discovered in commonly used hardware and software. Guidewire Cyence customers could then determine if these vulnerabilities impacted the companies in their portfolios and contact their affected policyholders to inform them of the patches and other safety workarounds.

Zyxel NAS and Firewall Vulnerability

A vulnerability was discovered on Zyxel NAS (Network Attached Storage) and firewall products. This vulnerability could allow attackers to remotely execute code on a vulnerable device.

Zyxel released patches for devices that are in their warranty and support period, but the vulnerability also affects unpatched devices that are no longer under warranty. Guidewire Cyence identified 126 companies in the Guidewire Cyence database that could be impacted for this reason.

Microsoft Exchange Server Vulnerability

A vulnerability was discovered in Microsoft Exchange Server that could allow an attacker to run arbitrary code on the server, thereby fully compromising the server.

The vulnerability exists in Microsoft Exchange Server 2010, 2013, 2016, and 2019. Although Microsoft has released program updates that eliminate the vulnerability, Guidewire Cyence has identified 591 companies in the Guidewire Cyence database that use this software and could be vulnerable.

Apache Tomcat Vulnerability

A vulnerability was discovered in Apache Tomcat that could allow an attacker to perform the following actions:

• Install and execute programs

• View, change, and delete files

• Create new accounts with full user rights

The vulnerability exists in all supported versions of Tomcat. The Apache Software Foundation has released updated versions that eliminate the vulnerability. Guidewire Cyence identified 619 companies in the Guidewire Cyence database that use this software and could be vulnerable.

Guidewire Cyence Support

Guidewire Cyence products provide meaningful benefits to insurance companies and their customers. Not only can insurers proactively guide their customers to avoid the pain and cost of a cyberattack, but insurers can better manage their business over the long run. Guidewire Cyence products enable insurers to apply their expertise and capital more confidently.

If you are an existing Guidewire Cyence customer, our team can examine the companies in your portfolio and identify those that might be vulnerable to the described issues. To request this service or to ask a question, contact us at cy-support guidewire.com.

A special shout out to Andy Zhang, Principal SecOps Engineer for Guidewire Cyence, for evaluating the vulnerabilities and architecting the assessment scans.