As the cyber insurance industry grows, develops, and gains a better handle on the risk – or at least aims for that goal – there remains the problem of property. Cyber-related property damage is the party that very few want to attend just yet in the cyber world and with minimal data and less than a handful of incidents that have or could have caused physical damage, it’s still easy to pretend the e-vite got lost in the e-mail.
That doesn’t mean that insureds, brokers, and insurers aren’t all watching warily for any event that tips the scale from “potentially huge” risk to “actual risk that’s happened and might quite readily happen again.” Successful, damaging cyber attacks on critical infrastructure and/or industrial control systems currently appear to be limited to the 2010 Stuxnet attack on Iran’s nuclear power facilities and “that German steel mill” in 2014, but if the recent indictment from the US Attorney General against seven Iranian hackers for remotely tampering with the control system of a tiny, relatively inconsequential dam in upstate New York, more efforts should be expected. Officials in the town were confused by the Rye Brook, NY, dam factoring into an international plot, but anyone with even a passing familiarity with crime knows you do a reconnaissance dry run on a smaller target before you go for the big score.
The Department of Homeland Security also revealed in a recent report that 2015 saw 295 attempted intrusions on critical infrastructure. While 69 percent were thoroughly unsuccessful in breaking into systems, hackers have not shown any real predilection for giving up and going home when met with a challenge.
Read the full story
This story in an excerpt of the original. The content originally appeared in Cyber Front Page News. To read the whole story, you must be a subscriber. Subscribe now. If you are a subscriber, check your email for Cyber Front Page News on April 21.