Will your insurer refuse your cyberattack claim?

By Samantha Cordell | January 15, 2019

1901_cyberwar_insurance_i483140097_1050wCybersecurity has already become the battlefield of the future.

The NotPetya malware attack on the 27th of June 2017 made this a reality, declared by experts as an attack by Russia on Ukraine. Other companies and countries were affected around the globe through collateral damage.

"[Insurer] Zurich refused the claim on the grounds of the attack being 'An act of war'."

Future war, Cyberattacks

The NotPetya malware attack of June 2017 made world headlines, and caused over $3 billion dollars of damage.

Australia was fortunate - most of the damage was done in Ukraine, Russia, Denmark, USA and Italy.

The fact that Ukraine was hardest hit is not a coincidence - it has been widely accepted that NotPetya wasn't the traditional Ransomware attack for organised crime to ransom for money, but an act of cyberwar by Russia on Ukraine.

One company affected in Australia was Mondelez, owners of the Cadbury chocolate brand.

Aussies came close to a national catastrophe as the chocolate factory outside of Hobart Tasmania was brought to a stop following infections of the PC-destroying malware.

18 months later, Mondelez is suing insurers Zurich after they refused to pay their $100 million USD insurance claim. Zurich refused the claim on the grounds of the attack being "An act of war".

Specifically, Zurich categorised it as a "hostile or warlike action in time of peace or war" - something no insurer will cover.

If future cyberattacks are attributed to "acts of war" between nations, we may see more insurance claims rejected. Insurance is still required to protect against other forms of cyberattack and disasters, but the risk that we could be refused a claim on "hostile or warlike" cyberattacks is concerning.

Firstly, the success of the attack will encourage more state-based cyberattacks on other nations.

Additionally, if insurers align future malware attacks with nation-state cyberwar, more claims will be refused.


What protection do I have?

For Aussie SMEs, protecting ourselves will require sensible changes to policy and procedure, and keeping fairly up-to-date with technological changes. The best defence against the possibility of an insurer refusing a claim on grounds outside of our control is to reduce the chances of being affected at all.

In summary we recommend the following:

Have all Remote Desktop servers behind a Virtual Private Network (VPN) - don't leave your business gateways Internet-facing, where only a single password is required to access key infrastructure.

Use a Multi-Factor Authentication (MFA) system - Diamond is now offering MFA as a service. Multi-Factor Authentication (also known as 2 Factor Authentication or 2FA where only 2 methods are used) is where something more than a password is required to access an account. This can be an access code sent via SMS or phone app, or responding to an email, or some form of biometric identification.

Keep using complex passwords - Passwords are still required. Until they're replaced with something better, we'll need to keep increasing their complexity and length. Consider using a password manager. Having unique passwords for each account is very important - it prevents the use of a password cracked on a weak system being used without resistance on a strong system. Using a long well known phrase is no better than a short complex password - for example just about every quote in Wikipedia is easily found and used by password cracking tools.

Regularly update software and firmware - The exploits used by NotPetya and WannaCry malware attacks happened months after the vulnerability they used were patched in Windows 10 and Windows 7. All software and firmware needs to be updated as often as is practical. The use of retired operating systems such as Windows XP, Server 2003 vastly increases your risk of becoming a victim of cyberattacks. Plan ahead - Windows 7 and Server 2008 will 'walk the plank' in less than a year, on the 14th of January 2020.

We're here to help

We offer specialist security consulting through our Diamond consultancy team, and our Business Technology Managers (BTMs) are experienced in assisting organisations in improving their cybersecurity and disaster recovery systems.

We also have available a free Cybersecurity Health Check, where you can give your organisation a quick cyberhealth checkup.

Contact us below or call us today on 1300 307 907.

TAGS: Managed IT Services, News and General, Cyber Security,

About Samantha Cordell
Samantha Cordell

Group Marketing Manager @ Diamond IT - Samantha (Sam) fell into the IT Industry after studying a combination of computer science and marketing at Uni, starting in Operations with the now decentralised Cabletron Systems. Over the next 20 years Sam undertook various marketing roles within Intel, Microsoft and Cisco Systems before moving to Newcastle for a sea-change working for Wine Selectors. “Not able to stay away from the IT Industry I jumped at the chance to join the team. I am excited to drive the marketing strategy for Diamond IT’s range of Technology Solutions."