Re/insurers holding large books of East European business are being urged to re-evaluate their exposures by stress testing portfolios against the threat of cyber attack.

Cyber risk analytics expert CyberCube has identified a series of potential attack scenarios, including attacks on off-shore oil rigs, utility suppliers, mobile phone network operators, hospitals, airlines and the SWIFT banking system, in addition to the widespread use of wiper malware.

CyberCube confirmed that it had observed cyber attacks on Ukrainian critical infrastructure, government services, banks and telecoms.

Russian organisations are also being targeted by cyber attackers, some of which have spilled over into Belarus, Poland, Lithuania and Latvia.

William Altman, CyberCube’s principal cyber security consultant, said: “This conflict will undoubtedly push the boundaries of acceptable behaviour in cyberspace. What’s worrying is that the cyber elements of this conflict could escalate quickly. We have the potential for unprecedented cyber-physical impacts, including attacks on critical infrastructure. However, before a full-blown cyber disaster becomes likely, we believe there will be several levels of escalation needed to reach that stage.”

CyberCube’s report recommends that insurance brokers and risk carriers encourage their clients to focus on threat modeling Russian advanced persistent threats, known criminal gangs’ tactics, techniques and procedures, and cyber security best practices.

Since the conflict began, both Ukraine and Russia have openly recruited a global volunteer cyber force to attack their enemies’ IT systems and networks. Infamous hacking collective Anonymous has joined the conflict alongside Ukraine, while ransomware gang Conti has sided with Russia.

According to CyberCube data, as of 1st March, there were at least 33 different cyber threat actor groups actively assisting Ukraine (22) and Russia (9).

Companies in the high-risk geographies of Ukraine, Russia and CIS countries are most at risk of experiencing losses due to cyber attacks. BI claims are likely to stem from cyber attacks on critical infrastructure and key IT single points of failure.

Darren Thomson, CyberCube’s head of cyber security strategy, commented: “The risk of a cyber disaster impacting re/insurers’ portfolios is higher as a result of Russia’s intent, opportunity, and capability to compromise SPoF targets that give them widespread and unfettered access to critical computer networks and data. Hacktivist coalitions and cyber criminals are taking sides, with prolific groups pledging services to aid the Russian government’s war machine.”

Share Story: