WBISCT Pty Ltd – Enterprise Architecture Consulting and Training

Good times ahead for cyber insurance after WannaCry, NotPetya

(EXTRACT)

Tryg saw a surge in cyber insurance uptake after the WannaCry malware attack in May, which affected 300,000 in 150 countries. Victims significantly affected included Telefonica in Spain and dozens of UK NHS organisations.

A month later, the NotPetya attack struck several global corporations through a poisoned update delivered to Ukraine offices that used an accounting software product from a local vendor MEDocs.

Though WannaCry and NotPetya were initially categorised as ransomware, neither attacks raised significant revenues for the perpetrators, suggesting they were not financially motivated.

Nonetheless, the attacks cost victims a tremendous amount through lost revenues and restoration efforts. Danish-headquartered shipping giant Maersk lost between $200m to $300m to NotPetya, while FedEx, lost $300m to the malware through its TNT Express business in Europe. US drug maker Merck, and confectionary giant, Mondelēz, also reported significant losses due to disruptions to sales and production.

FedEx, which didn’t have cyber insurance, last month said it was now considering a policy after the NotPetya attack. The company opted against cyber insurance after a previous assessment found the market wasn’t mature enough for its needs. However, that assessment focussed on the the exposure of personal information rather than the availability of operational IT systems.

Read Full Article