Crazy Cyber Insurance Story – Guess who lost $1.4 Billion?
Luigi Tiano
Data Protection & Data Privacy | Podcast Host of 10 Questions to Cyber Resilience | Speaker | Co-Founder of Assurance IT ??
Crazy Cyber Insurance Story – Guess who lost $1.4 Billion?
Cyber insurance companies have an important exclusion in their insurance contracts. It’s called the “Act of War.” So, if a cybercrime is considered an “Act of War”, insurance companies do not have to cover for the damage related to a cyber attack. Well, in 2017, pharmaceutical company, Merck &Co.’s, got hacked by what we now know as NotPetya. Their insurance company denied coverage, refusing to pay, under the pretense that the attack was an “Act of War.” Merck took them to court. And won $1.4 billion. (Bloomberg )
My thoughts: This case is a huge warning sign to cyber insurance companies needing to be more specific on what is covered compared to what’s not covered. We should expect additional and stricter exclusions to be the norm when it comes to cyber insurance coverage. That will be hard on the average business. It will certainly be more difficult to get coverage. Cyber insurance is relatively new though. Do you think more businesses will consider getting cyber insurance?
Steps To Cyber Security By The Canadian Centre For Cyber Security
Canadian Centre for Cyber Security is recommending critical infrastructures in Canada to take action in their cyber security initiatives. Here is the breakdown from their bulletin :
“The Canadian Centre for Cyber Security encourages the Canadian cybersecurity community—especially critical infrastructure network defenders—to bolster their awareness of and protection against Russian state-sponsored cyber threats…The Cyber Centre urges Canadian critical infrastructure network defenders to:
My thoughts: Their list of recommendations is pretty good to build cyber resilience. Note, that the last step is optional. However, if you have any questions about the next step you should take in your cyber resilience initiatives, private message me. I would gladly answer any questions you may have.
Tourisme Montréal Confirmed a Cyber Security Incident in December 2021.
“We immediately retained security experts to investigate this matter further and ensure the integrity and security of our systems.” Francis Bouchard, the agency’s manager of corporate communications and public affairs said.
The agency, known in English as Visit Montreal, is one of many victims attacked by the Karakurt group.
The Karakurt posting, dubbed its Winter Data Leak Digest, says “the data amount we have obtained is speaking for itself. Which means there is a big hole in IT department that allowed us to exfiltrate everything we wanted.”
This may potentially affect the agency’s 900 local members and partners. (IT World Canada )
My thoughts: One month later and the investigation is STILL on-going.
?
领英推荐
Cyber Attack on Public School System Cancelling Class for over 75,000 Students
In Sante Fe, New Mexico, the Albuquerque Public Schools announced a cyber attack after trying to fend it off for a few weeks. They were one of 5 other public schools that were attacked over the last two years. It happened over the holidays which allowed the district to make plans, but they still needed to shut down the school for a few days. (Toronto Star )
My thoughts: Here are a few consequences of a cyber attack that most don’t consider:
Huge News: Russian Authorities Said They Dismantled REvil Ransomware Group
REvil was behind some of the biggest ransomware attacks like the Colonial Pipeline. But just last week, the US and Russia worked together. The Federal Security Service raided 25 residences tied to the group and seized approximately $6.8 million in various currencies. (CoinDesk )
My thoughts: A communal approach is the only way to survive cyber attacks. Helping each other out is the right lead taken on by these governments working together.
World’s Largest Quadruped Bionis Robot
“China has developed the world's largest electric-powered quadruped bionic robot, which is expected to join logistics delivery and reconnaissance missions in complex environments that have proven too challenging for human soldiers, including remote border regions and highly risky combat zones.” (Global Times)
My thoughts: Thought this was very interesting to share. Kind of scary.
Update from last week’s story: Ukraine says they have evidence that Russia is behind their cyber attack (The Guardian )
?
_________________________________________
Welcome back to Cyber Weekly - a weekly newsletter updating you on what's going on in the cyber world. With over 800 people subscribed to this newsletter, we know these updates are important to the cyber community. Share this newsletter with those who could benefit, and leave a like so we can get this newsletter to even more people. See you next week!
CEO CyBrilliance | Transformative Cyber Resilience Solutions | Remain Resilient in the face of Cyber Threats & Reputation Damage | Trusted Strategist in Operational Resilience, Business Continuity & Data Protection
2 年Interesting but not a total surprise. Not an exact comparison but similar. In Canada in the traditional Out of Country travel insurance there are exclusions for acts of terrorizm. When the Boston Marathon catastrophe happened and it was declared an Act of Terrorism, there was an immediate response and debate between insurance companies and consultants whether an insured person under these contracts would be denied coverage. I won’t bore you with the details but The end result was Insurers agreed to cover this type of occurrence because there was no anticipation of a terrorist attack. This is different but an important note. In relative terms Cyber Insurance is relatively new and doesn’t have 100 years of experience in which to set contractual wording accordingly. so all stakeholders need to prepare for the interpretation and confusion of the current contract wording for a while yet until the market adjusts. But educate yourselves on if you are properly protected against these risks.