Ukraine invasion could result in cyber attack spike

Insurers and reinsurers holding large books of east European business are being urged to stress test their portfolios against the threat of Russian cyber attacks.

Cyber risk analytics firm CyberCube has identified a series of potential cyber attack scenarios. These include cyber attacks on off-shore oil rigs, utility suppliers, mobile phone network operators, hospitals, airlines and the Swift banking system, plus the widespread use of wiper malware.

CyberCube said it had observed cyber attacks on Ukrainian critical infrastructure, government services, banks and telecoms. Russian government institutions and enterprises are also being targeted by cyber attackers. Some of these attacks, the company said, have spilled over into neighbouring Belarus, Poland, Lithuania and Latvia.

The company recommended insurance brokers and risk carriers encourage their clients to focus on threat modelling Russian advanced persistent threats (APTs), known criminal gangs’ tactics, techniques and procedures and cyber security best practices.

Companies in the high-risk geographies of Ukraine, Russia and Commonwealth of Independent States countries are most at risk of experiencing losses as a result of cyber attacks. Business interruption claims are likely to stem from cyber attacks on critical infrastructure and key IT single points of failure.

“This conflict will undoubtedly push the boundaries of acceptable behaviour in cyberspace,” William Altman, CyberCube’s principal cyber security consultant, said. “What’s worrying is the cyber elements of this conflict could escalate quickly.

“We have the potential for unprecedented cyber-physical impacts, including attacks on critical infrastructure. However, before a full-blown cyber disaster becomes likely, we believe there will be several levels of escalation needed to reach that stage.”