https://www.nytimes.com/2019/04/15/technology/cyberinsurance-notpetya-attack.html
By Adam Satariano and Nicole Perlroth
The New York Times
April 15, 2019
LONDON -- Within days of a cyberattack, warehouses of the snack foods
company Mondelez International filled with a backlog of Oreo cookies and
Ritz crackers.
Mondelez, owner of dozens of well-known food brands like Cadbury chocolate and
Philadelphia cream cheese, was one of the hundreds of companies struck by the
so-called NotPetya cyberstrike in 2017. Laptops froze suddenly as Mondelez
employees worked at their desks. Email was unavailable, as was access to files
on the corporate network. Logistics software that orchestrates deliveries and
tracks invoices crashed.
Even with teams working around the clock, it was weeks before Mondelez
recovered. Once the lost orders were tallied and the computer equipment was
replaced, its financial hit was more than $100 million, according to court
documents.
After the ordeal, executives at the company took some solace in knowing that
insurance would help cover the costs. Or so they thought.
Mondelez’s insurer, Zurich Insurance, said it would not be sending a
reimbursement check. It cited a common, but rarely used, clause in insurance
contracts: the “war exclusion,” which protects insurers from being saddled with
costs related to damage from war.
Mondelez was deemed collateral damage in a cyberwar.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
