Cyber risks for the logistics industry

01 September 2017

"Petya" or "NotPetya" Ransomware

The recent ransomware attack, known as Petya or NotPetya, hit some of the world’s biggest corporate names, including many companies integral to the global supply chain. The malware disrupted production, order handling, and logistics around the world and led to severe costs and losses.

Typical ransomware encrypts important documents and files on infected computers and then demands a ransom (usually in Bitcoin) in return for a digital key needed to unlock the files. Companies without backup files face a decision to pay the ransom or risk losing their files. In addition, during the event companies hit by ransomware attacks often face severe operational disruptions.

The Petya attack has been called NotPetya by some, because it masquerades as Petya ransomware. Once inside a corporate network, this destructive program wormed its way from computer to computer, trashing the infected machines' filesystems. The code was built to destroy, not extort and its impact on the global logistics was dramatic, with ports crippled, packages missing and customers struggling to place and track orders.

Supply chain integrity was severely compromised, with widespread service delays and some entities forced to resort to manual processes to operate.

Security experts warn that Petya and other ransomware strains will continue to proliferate as long as companies delay patching and fail to develop adequate response plans for dealing with these types of attacks.

Petya or nopetya ransomware

Possible Losses

One of the world’s largest shipping companies was forced to reroute ships to alternative destinations after IT systems were debilitated and they were unable to dock and unload containers at several ports. Companies were forced to suspend their main platforms for taking orders. Customer tracking services that allow businesses to monitor their shipping consignments were not functional and damage to data and systems were extensive.

These stories and many, many others arising out of this global event have led to huge extra expense and massive loss of revenue across the logistics industry. Prominent players in this space have already reported "material" losses, some as large as $30 million.

The various consequences of the cyber-attack could impact operations and financial conditions for logistics companies, including:

  • Loss of revenue from the operational disruption immediately following the cyber-attack
  • Loss of revenue due to permanent customer loss
  • Costs associated with the potential loss of critical business data
  • Increased operational costs to restore systems and operate contingency plans that will remain in place
Insurance Solutions

The Cyber and E&O market has robust solutions addressing costs and losses arising from NotPetya type attacks, or other security failures, attacks or viruses. Cyber coverage continues to improve and can be broadened to cover losses triggered by both system failures that might have come about internally and from downtime due to network outages at certain third party vendors, including cloud services companies.

Key cyber coverage grants include reimbursement for:

  • First party loss, including extra expense, data restoration and network business interruption / lost revenue, following a security or system failure
  • First party loss for money paid to investigate / resolve a cyber security extortion attack

In addition, Cyber Liability coverage is available for defense costs and damages arising out of a computer network/security failure or the failure to protect confidential information and/or violations of a privacy statute as well as for the costs to respond to a data breach and/or a regulatory investigation.

Finally, traditional E&O, including logistics E&O policies offer coverage for third party claims arising out of these types of incidents. For many of our clients, a combined policy structure ensures proper coverage for a wide variety of costs arising out of a cyber incident.

One note of caution, while the industry has handled thousands and thousands of data breach incidents, there is considerably less experience in adjusting first party cyber losses. Working through loss scenarios and matching costs and loss income to coverage requires expertise and experience. Our team of experts includes brokers, lawyers, claims handlers, forensic accountants, and others who have successfully resolved many cyber claims, and our ability to drive successful recoveries sets us apart from others.

We help you identify, Assess and Invest

Our view is that organizations struggle to understand their strategic E&O/Cyber risk. Traditional approaches produce either technical reports or data breach studies, both of which are of value but neither enable leadership to answer:

  • What impact – and of what magnitude – do strategic E&O/Cyber risks pose to our organization?
  • Faced with cyber threats, what investments should we make to best protect our organization?
  • What E&O/Cyber risks can and should we insure and at what level should we insure them?

The solution to answering these strategic risk questions is to use a threat and loss-based methodology. This approach:

  • Identifies potential business impacts and values at risk;
  • Quantifies costs to inform risk, finance, legal, and operational decision makers; and,
  • Shapes leadership’s understanding of the financial consequences.

Our process enables investment decisions that contemplate retained, financed and transferred strategic E&O/Cyber risks.

JLT Specialty USA’s Cyber and Errors & Omissions’ practice recognizes the complexity of cyber and E&O risks and utilizes this approach to identify, prioritize and transfer these risks. We have built a team of experts with a wealth of experience in sophisticated cyber and E&O solutions and a proven record of success working with clients of all sizes.

Our team members average 10+ years of specialty experience, have worked with numerous Fortune 500 firms, and have access to the global marketplace, including London and Bermuda. We can bring you best-in-class tools, resources, insight and advisory services and deliver solutions tailored to your
specific needs.

We welcome the opportunity to meet with you to discuss your cyber and E&O exposures, and would be pleased to conduct a complementary review of your current Cyber and E&O insurance program.

Download the full report

For further information, please contact

Barbara Spain
International Trade & Logistics
Senior Vice President
Tel: +1 312.235.8217
Email: Barbara.Spain@jltus.com

Steve Bridges
Cyber/E&O Practice
Senior Vice President
Tel: +1 312.637.6119
Email: Steve.Bridges@jltus.com