Last month, it was discovered that a group of international hackers successfully stole as much as $1 billion from 100 banks in 30 countries by gaining access to the banks’ internal computers via malware, which allowed them to dispense money from ATMs. Experts are warning that it is up to the brokers to work with underwriters to “amend cyber policies for cyber institutions to cover such risks.”
Although this type of attack is not new, its size and scale should give brokers reason to pause. According to Christian Davies, a cyber broker with Safeonline LLC, “What this shows is that the type of attacks are changing constantly, and in the case of this attack it was the use of social engineering and phishing that allowed the hackers to gain access to controls for the ATMs. For financial institutions, attacks of this nature will certainly shift their risk profile; however, currently there is no specific coverage that will insure against this exact hack.”
Davies continued by stating that because it is a cyber risk by hacking, it is excluded from the majority of financial indemnity, crime and banker’s blanked bond policies because it wasn’t the result of employee fraud or illegal activities.
Furthermore, experts believe that these threats are not limited to financial institutions. According to Michael Daly, chief technology officer for Raytheon’s cyber-security business, “it’s definitely not limited to banks. The hackers’ success in this case may inspire other criminals to adopt their methods.”
Insurance Business America has the whole story.