Cyber war exclusions boost likelihood of claims litigation

Moody’s Investors Service has published a sector comment on cyber insurers raising rates and narrowing coverage amid the military conflict in Ukraine.

It cautions that the heightened cyber threat level comes at a time when cyber insurance has become more expensive and insurers have sought to narrow coverage, as ransomware attacks have driven insured losses higher and weakened the product’s profitability. 

A lack of standard, battle-tested definitions in cyber policies makes litigation more likely, according to the rating agency.

“Cyber insurance policies include war exclusions; however, defining and applying those war exclusions is difficult because definitions differ, attribution for attacks is not always clear, and there is the potential for spillover beyond the intended target,” it notes.

“Many policies carve back ’cyber terrorism’ from the war exclusion, meaning that an incident of cyber terrorism would still be covered, despite the war exclusion. However, the definition of cyber terrorism can also vary across policies.

“In the event of a widespread, severe attack that began as a result of the conflict, insurers could invoke the war exclusion for individual policies but it would depend on the facts and circumstances at the time.

”How the war exclusion would apply to impacted parties outside Ukraine is a complex coverage issue and would likely be litigated. Such litigation could also be protracted, especially if claims are filed under multiple cyber insurance policies.”

Sanctions prompt backlash

Stringent sanctions the US and allied governments placed on Russia following its invasion of Ukraine have increased the likelihood that both the Russian government and non-government actors will attempt cyberattacks on entities across sectors and regions as an illicit means of raising funds.

The most likely targets are banks, cryptocurrency platforms and corporate intellectual property assets. The military conflict has also increased risks of cyber attacks against critical infrastructure in Ukraine and beyond.

“Russia’s invasion of Ukraine has increased the risk of cyberattacks that could spread well beyond the geographic bounds of the military conflict that began earlier this year,” says the report.

“Although cyber events connected to the military conflict have not yet risen to the scale some had predicted at its start, cybersecurity experts and government officials have warned that further and larger-scale attacks remain a possibility.”

Strong cybersecurity practices will be key to mitigating the risk of cyber attacks.

Moody’s issuer surveys on cyber risk have shown that basic cybersecurity management is an area of relative strength for the financial services and defense industries, among critical infrastructure sectors.

However, cybersecurity management practices of regional and local governments and other types of public entities lag in comparison.