Does your business insurance coverage include cyberterrorism insurance? With the ever-growing risk of cyberterrorism, business leaders should be aware of how common exclusions in cyber liability policies could impact their cyber coverage.
What is cyberterrorism?
Cyberattacks have the potential to cause massive financial loss and disruption. And, some attacks may even put people in danger – for example, if the target is a hospital, critical infrastructure or a manufacturing company that stores hazardous materials. But, when do cyberattacks rise to the level of cyberterrorism?
To answer this question, it’s important to define cyberterrorism, but experts don’t always agree on its definition. According to the FBI’s Law Enforcement Bulletin, cyberterrorism was first coined in the 1980s to describe terrorism that shifted from the physical realm to the virtual realm. Since that time, the Center for Strategic and International Studies (CSIS) has defined it as “the use of computer network tools to shut down critical national infrastructures to coerce or intimidate a government or civilian population.”
The Rising Threat of State-Backed Cyberattacks
Some hackers may be individuals looking to make a quick buck or get revenge against a company they have a personal grudge against. However, many hackers are part of sophisticated organizations, some of which are backed by powerful governments.
The Cybersecurity and Infrastructure Security Agency (CISA) has warned that nation-state adversaries pose an elevated risk to national security. Specifically, it cites the governments of China, Russia, North Korea and Iran as advanced persistent threats (APTs).
This warning is not unwarranted, since some well-known cyberattacks have been allegedly backed by foreign governments. One of the most notorious examples is the 2019 SolarWinds cyberattack, which infiltrated thousands of organizations, including the United States government and Microsoft, and is suspected to have been committed by a group of hackers backed by the Russian government. While older attacks such as these may be the most well-known examples, newer and larger cyber events continue to emerge, often with increasing financial and operational impacts.
Cost of Data Breaches and Ransomware Attacks
Whether or not it’s an act of cyberterrorism, data breaches and ransomware attacks can be financially devastating for impacted businesses.
A report from IronNet found that 85 percent of businesses surveyed said they were impacted by the SolarWinds attack, and 31 percent of companies experienced a significant impact. On average, the attack cost companies approximately 11 percent of their annual revenue. Companies in the technology sector were hit even worse, losing an average of 14 percent of their annual revenue.
IBM says the average global cost of a data breach is $4.88 million in 2024. Costs have been rising, and this figure represents a 10 percent year-over-year increase.
Cyber Liability Insurance and Cyberterrorism Exclusions
Cyber insurance can cover a variety of costs associated with data breaches and cyberattacks, including data recovery, extortion, ransom payments and regulatory fines. However, many policies have exclusions for acts of war or cyberterrorism, which can limit coverage in specific scenarios.
The definitions of “acts of war” and “cyberterrorism” often carry challenging exclusionary clauses that can vary significantly between insurance policies, making it difficult to determine coverage. The ambiguity in proving who perpetrated a cyberattack (especially in state-backed scenarios) adds further complexity to the claims process and could even result in the recovery of previously paid claims if an attack is misclassified.
Ambiguity in proving who perpetrated a cyberattack (especially in state-backed scenarios) adds further complexity to the claims process and could even result in the recovery of previously paid claims if an attack is misclassified.
Due to this uncertainty, it’s essential for businesses to evaluate the resilience of their cyber strategies, including their cyber insurance coverage. Property Casualty 360 states that while most policies cover cyberterrorism, due to common war exclusions, they may not cover cyber events that arise out of war, regardless of whether the war is formally declared. These war exclusions have become more prevalent since the 2017 Ukraine ransomware attacks, which were linked to the Russian government and caused billions of dollars in losses.
Managing Cyber Risk
Cyberattacks are a major threat against businesses, and this threat continues to grow as technology advances. Hackers are gaining access to sophisticated new tools that leverage artificial intelligence to create and launch attacks. With this in mind, there are several steps your organization can take to help mitigate cyber risks:
- Utilize secure settings. Restrict access by requiring strong passwords, implementing the principle of least privilege and utilizing other settings that prioritize cyber security.
- Leverage cybersecurity tools. Firewalls, anti-virus programs and threat detection tools can help businesses to avoid or minimize threats.
- Provide continuous training. Ongoing cyber education can help workers stay vigilant and learn how to avoid new and evolving threats. This is especially important considering recent advances in artificial intelligence that have led to sophisticated social engineering
- Review your contracts. A cyberattack on a vendor or partner could impact your business. Due to this growing threat, cybersecurity issues, including liability and insurance coverage, have become important elements in contracts.
- Assess your insurance coverage and needs. If you don’t have cyber insurance, consider whether your organization should purchase it. If you have coverage, check your policy for limits and exclusions, including state-backed cyberattack exclusions, to help determine if additional coverage is warranted.
Are your cyber risks adequately covered?
Does your business insurance coverage include cyberterrorism insurance? If you’re not sure that you’d be protected in case of a cyberattack, Higginbotham can help you create a more proactive strategy by reviewing your cyber risks and coverage needs. Speak with one of our cyber insurance specialists today.
