Insurers have actually excluded war damage by default in their contracts. This also applies to cyber policies, which are becoming increasingly popular with attacks on corporate systems over the internet. But if the Russian war of aggression against Ukraine actually spread to the systems of companies and state institutions, insurers could face billions in payments despite all the clauses.
A major cyberattack can quickly cost $20 billion or more – that’s the same as a major hurricane in the US. It is often difficult to prove who is really behind a cyber attack. The contracts speak abstractly of “state-backed actors”. What this covers is difficult to define and must be reassessed for each claim, Bruce Carnegie-Brown, head of London’s insurance market Lloyd’s, told Reuters.
room for interpretation
At least in the West, no cyber attacks have been recorded since the Russian invasion of Ukraine. However, according to the US government, Russian hackers are “preparing” for attacks on US companies. However, it is unclear if they will eventually get serious.
But even if an insurer can prove that a cyberattack on one of its customers was the result of the war in Ukraine, it may not be enough to enforce war exclusions. Because the wording in the contracts is inconsistent and leaves room for interpretation, says insurance expert Marcos Alvarez of rating agency DBRS Morningstar.
quarrel inevitable
A fight is inevitable. For example, a gray area is “cyber terror attacks”, which are basically covered according to the contracts. The term is so broad that customers can refer to it very extensively, says Yosha DeLong, cyber boss at insurance company Mosaic. “If there is ambiguous wording in a contract, it is to the benefit of the customer and not that of the insurer.” Only in January did a court in the US state of New Jersey agree with US pharmaceutical giant Merck, which had sued its insurer for $1.4 billion. In 2017, Merck was the victim of the “NotPetya” cyber attack, for which the Washington government blamed Russia.
The war in Ukraine has been happening online for a long time. According to a report by the analytics firm CyberCube, there have been attacks on critical infrastructure, government services, banks and telecommunications in Ukraine. But government agencies in Russia are also the target of cyber attacks, which have even spread to neighboring countries such as Belarus, Poland, Lithuania and Latvia. Meredith Schnur, who is responsible for the topic in the US and Canada at insurance broker Marsh, says some cyber insurers are already considering excluding Russia and Ukraine from coverage altogether.
Premiums shot up due to ransom
Cyber insurance premiums skyrocketed in Ukraine long before the war. The main reason for this is the ransom demanded by Internet blackmailers. They no longer demand lump sums, but determine exactly how much their victim can – or must – pay. According to Marsh, premiums more than doubled in the US and nearly doubled in the UK in the fourth quarter. Industry circles say it will continue on a similar scale this year.
Numerous companies no longer dare to insure large companies against attacks from the Internet, or only in syndicates, and prefer to concentrate on medium-sized companies. “Ukraine and Russia are only increasing the pressure on premiums and availability,” says an adviser.
Source: Krone
I’m Wayne Wickman, a professional journalist and author for Today Times Live. My specialty is covering global news and current events, offering readers a unique perspective on the world’s most pressing issues. I’m passionate about storytelling and helping people stay informed on the goings-on of our planet.
