skip to Main Content

Zurich considers the NotPetya cyber attacks an act of war, “not covered”

Zurich considers the NotPetya cyber attack as an act of war and refuses to refund the US food giant Mondelez for damaged sustained from the malware, that sues the insurance company. The ruling will be a case study for the entire sector

Zurich American insurance company considers the NotPetya ransomware cyber attacks an act of war.  So, it’s refusing to refund Mondelez for the damaged suffered. The US giant sued the company for $100 million. The food company estimated the aggression caused a cut of 3% from second-quarter sales growth, because of disruptions to shipping and invoices. According to Security Affairs, Zurich offered initially $10m, but after a further investigation decided to not pay the policy due to an exclusion for “hostile or warlike action in time of peace or war” by a “government or sovereign power.” This decision is a case study. Zurich, in fact, it will be obliged to prove the attribution of the attack to Russia. The ruling will be a milestone in the cyber insurance sector, whatever its outcome will force companies to review their policies and client companies to pay attention to all possible exceptions.

For the cyber security community, NotPetya is a Russian cyber weapon against Ukraine. But the massive ransomware attacks caused damages for more than $10 billion worldwide

According to the cyber security community, NotPetya is a cyber weapon develped by Russia to hit the Ukrainian government. The massive ransomware attack caused damage not only to Mondelez, but also to other big companies. For instance, the shipping giant Maersk declared that it had lost $300 million as a result of the cyber attacks. The initial infection hit Ukraine, but it spreaded very fast abroad. There have been damages also in France, Germany, Italy, Poland, the United Kingdom, United States, Germany, Russia, India and other countries. The White House assested that globally the malware caused damages for more than $10 billion. The aggression has been considered an ac of cyber terrorism. And NATO general secretary, Jens Stoltenberg, pressed the Alliance to strengthen its cyber defenses, saying that a cyber attack could trigger the Article 5 principle of collective defense.

Back To Top