In an ever-connected world, cyberattacks have emerged as a grave concern for individuals, businesses, and governments alike. A number of serious cyber threats have caused devastation across the globe, but we’ve compiled a list of five attacks that have left an everlasting mark on the cybersecurity landscape, especially in terms of their relationship to systemic risks and operational technology.
1. WannaCry
In May 2017, a huge cyberattack took the world by storm. WannaCry, a massive ransomware attack, affected hundreds of thousands of computers in over 150 countries. It exploited a vulnerability in Microsoft Windows systems that had not been properly updated by many of it’s users. The attack caused widespread disruption in various sectors, including healthcare, transportation, and finance.
The WannaCry attack highlighted the importance of continuous software updates and patches for networked devices, emphasizing the need for cyber hygiene and proactive risk management through the cyber insurance industry, which are integral components of a comprehensive cyber insurance strategy. It also highlighted the substantial Business Interruption (BI) risk following such catastrophic cyber events.
2. NotPetya
The cyber threat actor behind NotPetya created a far-reaching, extremely costly malware attack that occurred in June 2017. Believed to be the work of Russian state-sponsored hackers, the cyberattack started in Ukraine but spread globally, targeting businesses and organizations, including major corporations and key infrastructure. The estimated incurred loss in damages or lost, goods, services, or opportunities was over USD 10 billion. But the damage went beyond just financial: the radiation monitoring system at Chernobyl, Ukraine’s nuclear power plant, went offline. The attack was proven to be so successful due to the threat actors infiltrating a commonly used tax software, Turbo Tax, and infecting it with malware.
The NotPetya incident drew attention to the issue of systemic cyber risk. More specifically, the incident pointed to an urgent need for carriers to consider the increasing digitalization and globalization of modern supply chains and the impact this may have on third-party cyber risk management, the cyber insurance industry, and business interruption. Carriers are still managing claims that resulted from this attack – for example, judgement on the Merck case was only recently handed down.
3. Colonial Pipeline
In May 2021, the Colonial Pipeline, a giant fuel supplier for the eastern United States, experienced a Ransomware-as-a-Service (RaaS) attack by hackers believed to be from the DarkSide group, a major cyber threat actor. They exploited the company’s networks, forcing a shutdown of operations, which severely impacted fuel supply and raised concerns about critical infrastructure vulnerabilities. It was considerate a hybrid attack: hackers targeted IT infrastructure, causing the associated OT shutdown and disrupting fuel distribution.
The attack highlighted the vulnerability of Operational Technology (OT) and critical infrastructure in the dynamic cyber threat landscape. , many of which run on outdated operating systems that cannot be easily updated, creating a ripe target for malicious actors. The unique challenges of OT, such as the longevity of physical systems and the complicated software updates, have made it difficult for the cyber insurance industry to adequately cover OT-related risks.
4. Stuxnet
Stuxnet, a cyberattack discovered in 2010, was a sophisticated computer worm designed to sabotage Iran’s nuclear program by targeting its Operational Technology (OT). The worm destroyed over 900 centrifuges at the Natzan Uranium Enrichment facility by causing them to burn out. This marked a significant shift in cyber warfare, demonstrating the potential for cyberattacks to cause physical damage.
Read more about Lloyd’s Cyber War Exclusions here.
5. Equifax Data Breach
In 2017, a major cyberattack on Equifax, one of the largest credit reporting agencies in the world, caused a large-scale data breach that compromised the personal information of approximately 147 million consumers, including names, Social Security numbers, birth dates, and more.
The breach revealed that Equifax did not adhere to its security policies and highlighted the need for stronger data security measures. The attack, which occurred at a time when the cyber insurance industry was soft, threatened a tsunami of class actions from both consumers and Equifax’s business partners, jolting carriers into rethinking pricing and increasing the stringency of their underwriting.
In conclusion, these five cyberattacks serve as a critical reminder of the importance of cybersecurity measures and the potential consequences of cyber threats on various sectors of society. They have significantly influenced the cybersecurity landscape, leading to increased awareness and efforts to bolster cyber defenses worldwide. Cyber insurance professionals must ensure that they are well acquainted with the details of these incidents and their shaping of the cyber insurance industry.
Give Yourself The
Unfair Advantage.
Our CCIS certification is a mark of excellence that employers and recruiters want to see.
Want to read more about our CII-accredited Certified Cyber Insurance Specialist (CCIS) Course? Click here.
