Massive cyber breach “a wake-up call,” says expert

Cyber breach has crippled businesses across Asia – and there could be more to come

Massive cyber breach “a wake-up call,” says expert

Insurance News

By Jordan Lynn

A massive cyber attack which spread across the globe is a wake-up call to all businesses to boost their mitigation and insurance efforts, an expert has said.

The attack, which made waves on Friday, soon spread to 150 countries and more than 200,000 computers across the world by exploiting vulnerabilities in Windows computers which could have been blocked with up-to-date security patches.

In Asia, Chinese energy giant PetroChina said that payment systems at some of its petrol stations had been hit. In addition, nine confirmed cases have been reported in South Korea.

Brad Smith, president and chief legal officer for Microsoft, called the attack a “wake-up call for all of us” and urged businesses to update their systems.

“As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems,” Smith said.

Meena Wahi, a specialist cyber broker and director of Cyber Data-Risk Managers, told Insurance Business that the attack highlights the need for better risk management around cyber as the ransomware could easily be defended against.

“There has to be governance around security and there has to be risk management,” Wahi said. “Cyber insurance does not bypass all of that and just transfer risk.”

Wahi noted that impacted businesses may not be covered under a cyber insurance policy as many insurers could deny claims based on a lax or negligent risk management strategy.

As more is learned from the attack and its ramifications throughout Asia, Wahi noted that planning and preparation in the event of a cyber attack is key.

If a broker client falls victim to a cyber attack, Wahi said the best thing to do is to notify an insurance claims team as soon as possible as forensic teams can help isolate the incident and work on a response.

As the victims of the attack continue to count their losses, cyber security vendors could find themselves in the limelight for failing to secure businesses.

“The security vendors need to look at their own professional indemnity insurance because they may be held liable,” Wahi continued.

Related stories:
Indonesia warns of more cyber attack damage following global scare
Hong Kong and British regulators to work together on fintech

Keep up with the latest news and events

Join our mailing list, it’s free!