NotPetya was NOT an ‘act of war’
source link: https://itwire.com/business-it-news/security/notpetya-was-not-an-%e2%80%98act-of-war%e2%80%99.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
A recent US legal decision has declared NotPetya to not be an act of war. This means that Merck’s insurers will be forced to pay $1.4B compensation.
In February 2018, we wrote of the wide impact of NotPetya on businesses around the world, including the pharmaceutical manufacturer Merck.
Following Merck’s claim against their cyber insurance policy (spread across a number of insurance companies), the consortium rejected the claim invoking the ‘act of war’ clause in the policy. Of course Merck took this to court.
The Superior Court of New Jersey Appellate Division’s decision, which upheld a lower court’s ruling, means that Insurers must help cover losses from the $1.4 billion cyberattack that the U.S. blamed on Russia, rejecting the insurers’ argument that the attack was akin to an act of war normally excluded from coverage.
The NotPetya cyberattack didn’t involve military action and can’t be excluded from coverage under a warlike-act exclusion, New Jersey appellate division judges said in a decision released on Monday (Tuesday, Australian time).
“The exclusion of damages caused by hostile or warlike action by a government or sovereign power in times of war or peace requires the involvement of military action,” the judges wrote. “Coverage could only be excluded here if we stretched the meaning of ‘hostile’ to its outer limit.”
Merck is pleased with the decision, a spokesman for the Rahway, N.J.-based pharmaceutical company said.
Overall, the attack affected 10,000 machines in its global network and over 40,000 internal to the corporate campus. The computers were damaged after malware entered the pharmaceutical company’s systems through accounting software used in their Ukraine operation.
Monica Oravcova, COO and co-founder of Naoris Protocol, said ”this is an incredible blow for the insurance industry and no doubt will precipitate a flurry of activity in existing insurance industry underwriting practices.
“Lloyds of London have already paved the way in terms of dealing with the fallout of ambiguous policy language by requiring insurers to craft exclusionary clauses for “acts of war” which was the hotly debated theme of the lawsuit.
“The effect of the ruling will impact not only insurers but the companies that seek cover. We can expect even tighter restrictions, exclusions and possibly another spike in premiums. Now more than ever ,we need to look to decentralised technology to prevent these attacks as the costs both in terms of productivity and economics, are becoming a trillion dollar headache for business and government”.
“The United States didn’t say ‘NotPetya is an act of war against the United States and we’re going to launch a military response,’” Mark Mosier, a lawyer representing Merck, said at oral arguments in February.
Insurers argued that the state-linked action should be considered a warlike act. Almost all kinds of insurance exclude coverage for war to try to protect insurers from the runaway losses that can occur in a conflict between nations.
“It was a virtual cyber nuclear attack,” Philip C. Silverberg, a lawyer representing several of Merck’s insurers, told judges in February.
Trade groups representing a range of sectors, from manufacturers to restaurateurs, supported Merck’s position, arguing that categorical exclusions in insurance policies should be read narrowly.
David Cummings, a lawyer for insurance-related non-profit organization United Policyholders commented that “the court’s decision was a meaningful affirmation that plain language and the core, policyholder-friendly tenets of insurance law must ultimately prevail.”
Read 359 times
Please join our community here and become a VIP.
Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here
GARTNER MARKET GUIDE FOR NDR 2022
You probably know that we are big believers in Network Detection and Response (NDR).Did you realise that Gartner also recommends that security teams prioritise NDR solutions to enhance their detection and response?
Picking the right NDR for your team and process can sometimes be the biggest challenge.
If you want to try out a Network Detection and Response tool, why not start with the best?
Vectra Network Detection and Response is the industry's most advanced AI-driven attack defence for identifying and stopping malicious tactics in your network without noise or the need for decryption.
Download the 2022 Gartner Market Guide for Network Detection and Response (NDR) for recommendations on how Network Detection and Response solutions can expand deeper into existing on-premises networks, and new cloud environments.
PROMOTE YOUR WEBINAR ON ITWIRE
It's all about Webinars.Marketing budgets are now focused on Webinars combined with Lead Generation.
If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.
The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.
Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.
We look forward to discussing your campaign goals with you. Please click the button below.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK