CyberCube has released a new report saying that insurers and reinsurers should stress test their portfolios if they hold eastern European business, following the invasion of Ukraine by Russia.
The company has released a new report called War in Ukraine creates fundamental shift in the cyber threat landscape that presents eight scenarios coming from cyber-attacks. These are a widespread wiper malware, a SWIFT banking compromise, ransomware directed at hospitals, and attacks on offshore oil rigs, mobile network operators, electric utilities, oil and gas refineries, and airline navigation.
The authors of the report write: “The most immediate effects of cyber war will be felt in Ukraine and in Russia. Insurers and reinsurers with exposure to either country’s critical infrastructure sectors will likely have exposure to cyber-attacks and business interruptions, though war clauses need to be considered. Cyber conflict between Russia and nations that assist Ukraine may occur once sanctions and diplomacy are exhausted.”
There will be two waves of cyber-attacks, says CyberCube. The first will be Russia against Ukraine, with the second being Russia against Ukraine’s allies. The key questions insurers and reinsurers should be asking, said the firm, will be around their exposures to high-risk geographies; to companies that are likely to be targes in the US, UK, and Japan; and what needs to be considered in relation to ‘act of war’ clauses.
“Regardless of the ultimate outcome of the war in Ukraine,” writes CyberCube, “the (re)insurance industry is facing a fundamental shift in the cyber threat landscape as the conflict will undoubtedly continue to push the boundaries of acceptable behaviour in cyberspace.”
CyberCube’s report recommends that insurance brokers and risk carriers encourage their clients to focus on threat modelling Russian advanced persistent threats (APTs), known criminal gangs’ tactics, techniques and procedures (TTPs), and cyber security best practices.
Since the conflict began, both Ukraine and Russia have openly recruited a global volunteer cyber force to attack their enemies’ IT systems and networks. The infamous hacking collective Anonymous has joined the conflict alongside Ukraine, while prolific ransomware gang Conti has sided with Russia. As of 1 March, there were at least 33 different cyber threat actor groups actively assisting Ukraine (22) and Russia (9).
CyberCube is not the only firm concerned with ongoing cyber-attacks arising from the Russia-Ukraine conflict. A few days ago, Fitch Ratings said that the risk of cyberattacks has increased following Russia’s invasion of Ukraine and may test the effectiveness of ‘war exclusion’ and ‘hostile act exclusion’ language in policies.
A note from the agency said that the wordings, already under greater scrutiny following a recent court ruling that found an insurer liable for losses stemming from the 2017 NotPetya malware attack, may be further tested by current events stemming from Russia’s actions.
However, Fitch Ratings said that the work done around rising cyber claims in recent years should mitigate some underwriting losses.
