Lloyd’s of London investigates alleged cyber attack

Lloyd’s of London launched on Wednesday an investigating into a possible cyber attack after having detected unusual activity on its network.

Lloyd’s of London is investigating a cyberattack after detecting unusual network activity this week. In response to the alleged intrusion it has reset the IT infrastructure and shut down any external connection.

“Lloyd’s has detected unusual activity on its network and we are investigating the issue,” a spokesperson told the media. “As a precautionary measure, we are resetting the Lloyd’s network and systems. All external connectivity has been turned off, including Lloyd’s delegated authority platforms.”

The incident comes after the entire insurance industry was alerted of cyber attacks as a result of the ongoing conflict between Russia and Ukraine. Companies in the insurance market condemned Russia’s invasion of Ukraine and supported sanctions against Moscow. Both UK and European Union banned on insuring ships carrying Russian oil.

In August, Lloyd’s of London told to its insurance syndicates that it will no cover losses caused by cyber attacks conducted by nation-state actors and resulting from malicious activities related the ongoing conflict.

“It is important that Lloyd’s can have confidence that syndicates are managing their exposures to liabilities arising from war and state backed cyber-attacks.” reads a bulletin sent to syndicates.

“At a minimum, the state backed cyber-attack exclusion must:

1. exclude losses arising from a war (whether declared or not), where the policy does
   not have a separate war exclusion.
2. (subject to 3) exclude losses arising from state backed cyber-attacks that
   (a) significantly impair the ability of a state to function or (b) that significantly impair
   the security capabilities of a state.
3. be clear as to whether cover excludes computer systems that are located outside
   any state which is affected in the manner outlined in 2(a) & (b) above, by the state
   backed cyber-attack.
4. set out a robust basis by which the parties agree on how any state backed cyberattack will be attributed to one or more states.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Lloyd’s of London)

[adrotate banner=”5″]

[adrotate banner=”13″]