Cyber physical damage a growing concern
The risk of physical damage arising from a cyber attack is a growing area of concern, driven by recent incidents and the potential scale of future events, according to Tom Harvey, product manager of RMS Cyber Solutions.
There is a huge amount of variety this physical damage can take, he suggested, and RMS tends to focus on areas such as fire or explosion and property damage.
One example would be hackers gaining access to a company’s network operation centre and subsequently to multiple offshore oil rigs, which would then allow them to interfere with the control or safety systems.
“On certain types of oils rigs it’s possible to cause explosions and fires,” Harvey continued. “We explore these scenarios with penetration testers that work in the energy industry. There is a real concern that a malicious actor could—through cyber means—take down an offshore oil rig, which would be huge.”
Harvey cited a 2014 cyber attack on a German steel mill when a blast furnace was targeted, causing an explosion, as detailed in an annual report of the German Federal Office for Information Security (BSI).
“Attackers hacked the corporate network and gained access to the production systems and systematically interrupted the control systems. This caused a blast furnace to explode, causing substantial physical damage to the property,” he said.
Another concern of the industry, according to Harvey, is when a cyber attack is considered an act of terrorism or an act of war, and whether the insurance industry would foot the bill.
He cites the Lazarus Group, a North Korean group of hackers that were rumoured to be involved in the theft of money using the SWIFT interbank lending system, and were close to stealing $1 billion from that attack.
“State-sponsored actors are not looking just to cause physical damage, but also to steal money, interrupt business and cause general economic disturbance. There is a huge range of cyber attacks state-sponsored groups can carry out. The question is whether the insurance industry picks that up? In an ideal world, no.
“It’s not the job of the insurance industry to pick those up, it’s an act of physical war. The difficulty with cyber is the attribution to a specific group. Given that you have these loosely connected groups, and given that forensically going through digital records to identify the actor involved is so difficult, a lot of the risk is sitting on the balance sheets of insurers today,” Harvey concluded.
Get the latest re/insurance news sent to your inbox every day - Sign up to our free email newsletters
Other stories from the Baden-Baden Day One newsletter
EMEA will not escape the fallout from the US storm losses: Swiss Re
Only a brave underwriter will volunteer a reduction now
Disruption will be central theme of Baden-Baden 2017 meeting
Excess capital will protect ratings
Lloyd’s and Bermuda reinsurers at risk from nat cat losses
US–EU agreement unlikely to mean demise of legal entities
Cedants want tech to deliver transparency
Blockchain faces uphill battle against insurers’ scepticism
Cat capacity up as reinsurers seek growth
Reinsurance innovation will help enable sustainable growth
Using Lloyd’s to expand brokerage business
European reinsurers will benefit if NFIP buys more cover
Capacity will move to stable Europe
Reinsurtech set to transform the industry
In Baden-Baden to negotiate—and drink beer
Already registered?
Login to your account
If you don't have a login or your access has expired, you will need to purchase a subscription to gain access to this article, including all our online content.
For more information on individual annual subscriptions for full paid access and corporate subscription options please contact us.
To request a FREE 2-week trial subscription, please signup.
NOTE - this can take up to 48hrs to be approved.
For multi-user price options, or to check if your company has an existing subscription that we can add you to for FREE, please email Elliot Field at efield@newtonmedia.co.uk or Adrian Tapping at atapping@newtonmedia.co.uk
Editor's picks
Editor's picks
More articles
Intelligent Insurer
Newton Media Ltd
Kingfisher House
21-23 Elmfield Road
BR1 1LT
United Kingdom