Lloyd’s of London, the London-based insurance market heavily involved in implementing sanctions against Russia, may have been hit by a cyber-attack. On Wednesday, October 5, 2022, the British insurance market revealed it had detected “unusual activity” on its systems and has turned off all external connectivity “as a precautionary measure.”
“We have informed market participants and relevant parties, and we will provide more information once our investigations have concluded,” said a Lloyd’s spokesperson.
The company did not comment on whether or not it has been contacted by hackers, if a ransom demand has been issued, or on the possible source of the attack.
However, the insurance market has been closely involved with the design and implementation of sanctions imposed on Russia in response to its invasion of Ukraine – a potential motive for the attack. Lloyd’s itself has confirmed it was working closely with British and international governments to implement such sanctions.
More generally, “insurance groups are an obvious target for cyber-attacks as they store huge amounts of confidential information and policyholder data,” Jake Moore, global cybersecurity advisor at European vendor ESET, told Infosecurity Magazine.
“They are also high-profile targets as the information they hold can aid future attacks by pointing attackers in the right direction for those with cyber insurance and therefore highlighting those who are potentially more likely to pay ransom demands”, he added.
“Some have even sought to hack cyber insurance databases to ensure that they can demand the entire premium as ransom,” reported TechMonitor. This has led to insurance premiums increasing in price and, in some cases, becoming harder to obtain. Last year, French insurance company Axa announced that it would not fulfill any further cyber insurance claims – and was itself hit by a cyber-attack days later.
“The main suffering by insurers following an attack is business interruption. However, data stolen in an attack could be used in its own separate ransom attacks or for other criminal purposes such as identity theft to obtain further financial gains,” Moore said.
Earlier in 2022, Lloyd’s instructed its 76 insurance syndicates to remove “nation-state-backed cyberattacks” from insurance policies by March 2023, as well as losses “arising from a war.”