The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently issued a warning of the risk of Russian cyber-attacks spilling over onto United States networks as part of the Russian invasion of Ukraine. This follows previous CISA warnings on the risks posed by Russian cyber-attacks for critical infrastructure. The European Central Bank (ECB) has similarly warned European financial institutions of the risk of Russian cyber-attacks and related market disruptions.

The risk of cyber-attacks forces businesses and insurers to examine their policies to determine the coverages that may apply to losses caused by a cyber-attack. The current elevated risk draws into focus the recent decision in Merck and International Indemnity v. ACE (et al.), in which the Superior Court of New Jersey examined coverage under an All-Risk for loss arising from the NotPetya malware, which was allegedly used by Russia in a cyber-attack on Ukraine and spilled over into the rest of the world. The Merck court found that the “Hostile/Warlike action” exclusion contained in the subject policy was inapplicable and could not be used to exclude coverage for the loss.

This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.

To view this content, please continue to their sites.

Not a Lexis Subscriber?
Subscribe Now

Not a Bloomberg Law Subscriber?
Subscribe Now

Why am I seeing this?

LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.

For questions call 1-877-256-2472 or contact us at [email protected]