Skip to main content
Marsh logo

Article

Petya/GoldenEye Cyber-Attack Drives New Focus on Cyber Resilience

Petya/GoldenEye, the latest global ransomware cyber-attack, has hit major government agencies and operations in the Ukraine and Russia and netted companies in many industries worldwide.

28/06/2017 · 2 minute read

Petya/GoldenEye, the latest global ransomware cyber-attack, has hit major government agencies and operations in the Ukraine and Russia and netted companies in many industries worldwide. In many cases, the attack shut down operations for hours and even days, causing significant business interruption and disruption. While similar to WannaCry in some respects, the Petya/GoldenEye attack demonstrates that more virulent malware can be unleashed with little effort on specific targets and innocent bystanders, with consequences for all.

Insurance and Claims Actions

The full extent of impacted organisations and losses is not yet known, and businesses continue to work to contain the damage. Affected organisations should also take the following steps in relation to their insurance coverage and potential claims:

    Review your insurance coverage. In addition to a cyber insurance policy, property, general liability, errors and omissions liability, and directors and officers liability may come into play for your direct losses and any harm your situation may have caused others. If your suppliers or vendors are affected, contingent business interruption coverage under cyber and/or property programs could apply. Consult your broker or insurer to understand your coverage and how each policy is triggered.

    Document the event timeline and quantify the impact. A record of events, from breach through full recovery, can help you estimate the “period of recovery” for the loss. Forensic accountants can help establish a protocol for identifying and properly categorising claim-related costs as well as business interruption, extra expense, or other financial impacts not easily captured. This can help you report within your organisation, recover claims from insurers and third parties, conduct post-mortems to improve cybersecurity, and respond to law enforcement requests for information.

Managing Cyber Risk

Today’s ever-evolving and unpredictable pandemic cyber-attacks necessitate continual assessments and improvements to cyber insurance and risk management programs. Now is the time to:

    Re-evaluate your cyber risk insurance needs. If you already have coverage, assess whether you are covered for business interruption and cyber extortion and re-examine program limits in relation to potentially catastrophic scenarios. If you haven’t purchased cyber insurance yet, consider that — beyond financial protection — coverage provides access to vital resources to stop damage and recover from a cyber-attack, including technology vendors, legal counsel, and public relations expertise.

    Plan for the next event. More global cyber-attacks are likely to occur in the future. Develop concrete plans now to enhance cybersecurity and enterprise resilience, including assessing cybersecurity vulnerabilities, testing cyber incident response plans, and introducing complex ransomware threat scenarios into your exercises and risk modelling.

Taking action now can help reduce your exposure to cyber-attacks that may intentionally target you or reach you through supplier, vendor, and other networks. With best-in-class cyber insurance coverage and cybersecurity management programs in place, you can improve your resilience in the face of new cyber risk challenges.

Related insights

Cyber Ferma Report

Report

Why the cybersecurity gap between SMEs and large organisations matters

18/02/2025
notifications on a computer

Article

Laws to disrupt ransomware payments considered in the UK

13/02/2025
Top view of the forest trees and the road through the forest. Aerial photo of the forest, drone.

Article

Exploring the insurability of fines and penalties under the DPDP Act: Insights from Marsh India and Khaitan & Co

08/01/2025
Container lifting

Article

Effective Cyber Incident Management Strategies for Supply Chain Resilience

24/12/2024
View more