It has been reported that a second insurer has cited ‘war exclusion’ to avoid payout over NotPetya. Multinational law firm DLA Piper is in a dispute with its insurer, Hiscox, in an echo of the Zurich Insurance refusal to pay out Mondelez – in both cases, the claims related to the NotPetya cyber-attacks with the insurers citing war exclusion clause.It claims that the NotPetya attack comes under an “act of war” exclusion clause given that the government officially said that the Russian military was “almost certainly” behind the NotPetya attack.
Anjola Adeniyi, Technical Leader, EMEA at Securonix:
“Even those with comprehensive cyber insurance coverage are far from guaranteed to be able to recover the costs of a cyber attack.
This most recent dispute between Multinational law firm DLA Piper and their insurance firm Hiscox over the damages associated with the NotPetya attack is the most recent example of the ‘act of war’ exclusion clause being at the centre of an insurance dispute.
The increasing difficulties facing companies who try and claim insurance following a cyber attack is highlighting the growing need to implement preventative strategies. Whilst many companies will fall victim to a ransomware attack, one of the first steps they need to take is to ensure it doesn’t happen again. Computer systems need to be up-to-date on security patches, networks monitored for infections and employees educated on cyber hygiene”