top of page

Courts likely to determine coverage for State-backed Cyber Attacks in London


State-backed Cyber Attacks in London
State-backed Cyber Attacks in London

Lloyd's of London will mandate that insurers omit coverage for state-sponsored hacks connected to armed conflict or catastrophic losses. Additionally, it requires that syndicates have a precise methodology in place for identifying state-based actors who are responsible for an assault.


Although it is always the insurers' responsibility to demonstrate, the exclusion applies, according to Joshua Motta, co-founder, and CEO of cyber insurance firm Coalition, most insurance plans currently do not cover acts of war.


"The significance of the requirement from Lloyd's is that it seeks to eliminate uncertainty in how the war exclusion will be applied," he said.


Although this is a good idea in theory, it is not yet apparent how it will be implemented. Concerns about the rising cost of cyberattacks and who is ultimately responsible align with Lloyd's requirements. Lloyd's exclusion was predictable, proving that cyberattacks aren't solely motivated by monetary gain.


In the future, all standalone cyberattack policies falling under risk codes "CY" and "CZ" must include a suitable clause barring liability for damages stemming from any state-backed hack, according to Lloyd's.


At the very least, the state-backed cyber attack exclusion must:

  • Exclude losses resulting from a war (whether declared or not) when the insurance does not include a distinct war exclusion.

  • (Subject to 3) Exclude damages resulting from state-sponsored cyberattacks that (a) considerably harm a state's ability to operate or (b) significantly impair a state's security capabilities.

  • State clearly if cover excludes computer systems situated outside any state that is harmed by the state-backed cyberattack in the ways indicated

12 views0 comments
bottom of page