Cyber analytics provider CyberCube has warned re/insurers of the potential for a large volume of claims resulting from recent cyber attacks by criminals on the servers running Microsoft’s email services.
Tens of thousands of Microsoft Exchange servers in businesses and organisations around the world could have been infected during a series of concerted cyber attacks since the beginning of this year, CyberCube says.
Companies in North America are more at risk than their European counterparts but large-to-medium sized businesses globally are vulnerable, it added.
The cyber attacks, believed to have come from Chinese state-sponsored hackers, see vulnerabilities in Microsoft Exchange servers being exploited to allow malicious code to be placed on them.
This code can be used for ransomware, espionage or even misdirecting the system’s resources to mine for cryptocurrency on behalf of the criminals.
CyberCube’s report concludes that the insurance and reinsurance industries are “likely to see a long-tail of attritional claims resulting from this attack”.
“The insurance industry is only just beginning to understand the scope of possible damage,” said William Altman, Cyber Security Consultant at CyberCube and one of the report’s authors.
“It is too early to calculate potential losses from the theft of a corporation’s intellectual property. These kinds of data breaches could have delayed – but long-lasting – impacts on commercial competitiveness,” Altman continued.
“An accumulation of loss could result in multiple – theoretically, tens of thousands – of companies making insurance claims to cover investigation, legal, business interruption and possible regulatory fines. There is still the ongoing possibility that even more attackers will launch ransomware or other types of destructive cyber attacks.”