Notwithstanding the absence of a congressional war declaration since Japan bombed Pearl Harbor, Zurich American Insurance Company has invoked a “war exclusion” in an attempt to avoid covering Illinois snack food and beverage company Mondelez International Inc.’s expenses stemming from its exposure to the NotPetya virus in 2017. The litigation, Mondelez Intl. Inc. v. Zurich Am. Ins. Co., No. 2018-L-11008, 2018 WL 4941760 (Ill. Cir. Ct., Cook Cty., complaint filed Oct. 10, 2018), remains pending in an Illinois state court.
Continue Reading

In what has been described as a “watershed” cyber incident, hackers recently used sophisticated malware—dubbed Triton—to take control of a key safety device installed at a power plant in Saudi Arabia. One of the few confirmed hacking tools designed to manipulate industrial control systems, this new breach is part of a growing trend in hacking attempts on utilities, production facilities, and other critical infrastructure in the oil and gas industry. The Triton malware attack targeted the Triconex industrial safety technology made by Schneider Electric SE. The attack underscores the importance of mitigating this and other similar risks through cyber and other traditional liability insurance as part of a comprehensive cybersecurity program.

Continue Reading

In its third quarter report, insurer Beazley reported a nine-fold increase in social engineering attacks (i.e., deception-based fraud/crime) as compared to the same time last year.  So far, the majority of social engineering attacks in 2017 were focused on the professional services sector (18%), followed by financial institutions (9%), higher education (9%) and healthcare (3%).  The report also notes continued high rates of unintended disclosure via employee negligence across all sectors (29%), second only to affirmative hacking or malware attacks (34%).

Continue Reading