MS Exchange attacks could lead to thousands of insurance claims

Insurers are being warned of the potential for a large volume of claims following recent cyber attacks on Microsoft’s email servers.

Tens of thousands of Microsoft Exchange servers in businesses and organisations around the world could have been infected during a series of concerted attacks since the beginning of this year.

Cyber analytics specialist, CyberCube, believes companies in North America to be at greater risk than those in Europe, but large to medium sized businesses globally are all vulnerable. It says that the insurance and reinsurance industries are “likely to see a long-tail of attritional claims resulting from this attack”.

William Altman, cyber security consultant at the firm, said: “The insurance industry is only just beginning to understand the scope of possible damage. It is too early to calculate potential losses from the theft of a corporation’s intellectual property. These kinds of data breaches could have delayed - but long-lasting - impacts on commercial competitiveness.

“An accumulation of loss could result in multiple – theoretically, tens of thousands – of companies making insurance claims to cover investigation, legal, business interruption and possible regulatory fines. There is still the ongoing possibility that even more attackers will launch ransomware or other types of destructive cyber attacks.”

Researchers believe that 10 different “advanced persistent threat actors” globally are now actively exploiting the code used in this attack in a variety of ways. Microsoft has provided patches for the vulnerabilities, but attackers seem to have stepped up their efforts to identify unpatched servers.

    Share Story:

YOU MIGHT ALSO LIKE


Cyber risk in the transportation industry
The connected nature of the transport and logistics industries makes them an attractive target for hackers, with potentially disruptive and costly consequences. Between June 2020 and June 2021, the transportation industry saw an 186% increase in weekly ransomware attacks. At the same time, regulations and cyber security standards are lacking – creating weak postures across the board. This podcast explores the key risks. Published April 2022.

Political risk: A fresh perspective
CIR’s editor, Deborah Ritchie speaks with head of PCS at Verisk, Tom Johansmeyer about the confluence of political, nat cat and pandemic risks in a world that is becoming an increasingly risky place in which to do business. Published February 2022.