Global insurance firm Hiscox is now the second insurance firm known to have refused to pay out to a company damaged in a NotPetya cyberattack, Verdict reports.
It is believed that Hiscox has made the refusal because the Russian government was accused by the UK of circulating NotPetya.
If that is the case, insurance firms are arguing, it would mean the attacks fall under “Act of War” exclusion clauses included in insurance contracts.
The affected firm in the latest case is multinational law enterprise DLA Piper, which reportedly had to pay out over 15 000 hours of overtime to clean up after a NotPetya ransomware attack in 2015.
Maersk and TNT Express reportedly had to go offline following NotPetya attacks.
Danish shipping giant Maersk has reportedly claimed that NotPetya malware, whereby hackers encrypt data and will not release it unless a cryptocurrency ransom is paid, resulted in losses of $378 million to the company.
FedEx subsidiary TNT Express pegged NotPetya losses at $374 million.
The other insurer that has reportedly used “Act of War” provisions to refuse to make a NotPetya payout is Zurich, insurer of Mondelez, a large American food company.
Mondelez is now suing Zurich for $100 million.
Mondelez says that 1700 servers and 24000 laptops were destroyed in its NotPetya hack.
While many firms infected by ransomware are lucky to have had their data backed up, removing ransomware and associated Trojan malware from an infected system can be very difficult.
If not completely expunged, malware can be reactivated.
In early 2018, the UK government claimed that the GRU, Russian military intelligence, was very likely responsible for NotPetya, which it said was originally designed to attack infrastructure targets in Ukraine, including financial, energy and government targets.
At the time, the UK government called NotPetya “the most destructive and costly cyber attack in history,” and UK Defence Secretary Gavin Williamson said Russia had “ripp(ed) up the rule book” by deploying it.
These cases of refused insurance payouts highlight the importance of companies implementing stringent best practices designed to prevent cyber attacks.
Regarding the matter, Anjola Adeniyi, Technical Leader, EMEA at Securonix told Verdict:
“Whilst many companies will fall victim to a ransomware attack, one of the first steps they need to take is to ensure it doesn’t happen again. Computer systems need to be up-to-date on security patches, networks monitored for infections and employees educated on cyber hygiene.”