December 22, 2024
LN BUTTON

‘Stress test threat of Russian cyber attacks’

Insurers and reinsurers holding large books of East European business are being urged to stress test their portfolios against the threat of Russian and Ukrainian cyber attacks.

A new report published CyberCube titled “War in Ukraine creates fundamental shift in the cyber threat landscape” encourages insurers and reinsurers to urgently re-evaluate their exposures.

According to the research, the range of relevant scenarios include cyber attacks on off-shore oil rigs, utility suppliers, mobile phone network operators, hospitals, airlines, the SWIFT banking system, plus the widespread use of wiper malware.

CyberCube confirmed that it had observed cyber attacks on Ukrainian critical infrastructure, government services, banks and telecoms. Russian government institutions and enterprises are also being targeted by cyber attackers. Some of these attacks, the company said, have spilled over into neighbouring Belarus, Poland, Lithuania and Latvia.

CyberCube’s report recommends that insurance brokers and risk carriers encourage their clients to focus on threat modeling Russian advanced persistent threats (APTs), known criminal gangs’ tactics, techniques and procedures (TTPs), and cyber security best practices.

Since the conflict began, both Ukraine and Russia have openly recruited a global volunteer cyber force to attack their enemies’ IT systems and networks. The infamous hacking collective Anonymous has joined the conflict alongside Ukraine, while prolific ransomware gang Conti has sided with Russia. As of 1 March, there were at least 33 different cyber threat actor groups actively assisting Ukraine (22) and Russia (9).

The report states that companies in the high-risk geographies of Ukraine, Russia and CIS countries are most at risk of experiencing losses due to cyber attacks. Business interruption claims are likely to stem from cyber attacks on critical infrastructure and key IT Single Points of Failure (SPoF).

Previous Issue