Insurers Must Pay Merck's $1.4B Losses For NotPetya

Uploaded on 2023-05-09 in FREE TO VIEW, BUSINESS-Services-Financial

Merck's insurers can't use an "act of war" clause to deny the pharmaceutical giant an enormous payout to clean up its NotPetya infection, a court has ruled and Merck may now be entitled to a large insurance payout from the high-profile NotPetya cyber attack provided an appeals court ruling stands.

The appellate court in New Jersey has ruled that insurance companies must pay more than $1.4 billion to cover losses incurred when Merck’s systems became infected with NotPetya malware in 2017. The court ruled that the war exclusions the insurance companies were invoking in a bid to deny coverage did not apply in the case of the cyber attack.

The case stemmed from a ransomware attack Merck suffered in June 2017 on the eve of Ukraine’s Constitution Day. The NotPetya malware was delivered into an accounting software developed by a Ukrainian company that was used by Merck and other companies, according to the court’s description of events. More than 40,000 machines in Merck’s global network were infected.

The U.S. government later attributed the attack to Russia’s military intelligence operations and charged six Russian officers in connection with the event.

Pointing to Russian military involvement, Merck’s insurers invoked the hostile/warlike action exclusion clause in their policies and refused to cover the company’s losses.An appellate court recently officially rejected an argument by the insurers for Merck & Co. that they are not liable for the pharmaceutical giant's $1.4 billion in losses following a 2017 cyber attack because the incident fell under exclusions for acts of war.

The New Jersey appellate court judges said that in order for a cyber attack to fall under any type of war exclusion it must involve military action. 

The Russian-backed NotPetya malware was found to be behind the cyberattack, and since Merck's Ukraine operations were initially targeted, insurers claimed the breach was an extension of military hostilities following Russia's invasion of Ukraine. "The exclusion of damages caused by hostile or warlike action by a government or sovereign power in times of war or peace requires the involvement of military action," the judges explained in their ruling.  "Coverage could only be excluded here if we stretched the meaning of 'hostile' to its outer limit."

Covington & Burlington LLP:    Law360:    Dark Reading:    Bloomberg:    Fierce Pharma:   SANS:   The Register:  

You Might Also Read: 

Insurers Will Exclude Some Nation-State Cyber Attacks From Cover:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Challenges For CTOs In 2023
Malware Disguised As Legitimate Android Apps »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

UL Solutions

UL Solutions

UL Solutions is a safety, security and compliance consulting and certification company. Areas covered include cyber security.

Avira

Avira

Avira provide a portfolio of antivirus, security and performance applications for Windows, Android, Mac, and iOS.

GuardRails

GuardRails

GuardRails provides continuous security feedback that empowers developers to find, fix, and prevent vulnerabilities.

Zero Networks

Zero Networks

With Zero Network, you can achieve affordable, airtight network access security at scale.

Seknox

Seknox

Seknox TRASA™ protects your business from insider threats.

EnigmaSoft

EnigmaSoft

EnigmaSoft is known for its PC anti-malware remediation utility and service under the tradename SpyHunter.

BreachQuest

BreachQuest

BreachQuest brings together cybersecurity experts with decades of experience identifying security flaws, penetrating networks, and responding to incidents.

BlockAPT

BlockAPT

BlockAPT, empowering you with an advanced, intelligent cyber defence platform. We protect our customers digital assets by unifying operational technologies against advanced persistent threats.

Punk Security

Punk Security

Punk Security are specialists in integrating security into DevOps pipelines, enabling rapid and secure development.

Privasee

Privasee

Make GDPR compliance simple with Privasee. Our software makes it easy to protect your data and ensure you’re compliant with the new regulations.

OxCyber

OxCyber

OxCyber's mission is to ignite and encourage cybersecurity and technology growth in the Thames Valley through meetings, webinars, in person events, workshops and mentorship programs.

Astreya

Astreya

Astreya is the leading IT solutions provider for some of the world's most recognizable and innovative organizations.

QFunction

QFunction

QFunction works within your existing security stack to detect anomalies and threats within your data.

Backblaze

Backblaze

The Backblaze Storage Cloud provides a foundation for businesses, developers, IT professionals, and individuals to build applications, host content, manage media, back up and archive data, and more.

Invisinet Technologies

Invisinet Technologies

Invisinet is a cybersecurity technology company specializing in innovative solutions that protect network infrastructure and critical assets from advanced threats.

Cyberspatial

Cyberspatial

Cyberspatial Teleseer - Discover and map your network in minutes. Next-gen packet analysis and network visualization. All from your web browser.