Lloyd’s of London Detects Suspicious Network Activity

Lloyd’s of London is probing a possible cybersecurity incident that led it to yank some systems offline.

See Also: Now OnDemand | C-Suite Round-up: Connecting the Dots Between OT and Identity

A spokesperson for the massive U.K. insurance and reinsurance market said unusual network activity provoked an overnight scramble to secure systems. “We are currently evaluating the best options for reconnecting these systems as we continue to investigate the issue,” the spokesperson told Information Security Media Group.

“We are working with specialist partners and a dedicated team and we continue to keep market participants and relevant parties updated,” the spokesperson added.

Details are scare at the moment, including whether the incident is malicious or involves ransomware and who may have instigated the incident. The market has been active in applying international sanctions against the Kremlin by denying marine insurance for Russia oil experts, the Financial Times reported earlier this year. “Lloyd’s supports and remains focused on the delivery of a global sanctions regime against the Russian state,” a spokesperson told Reuters.

Even before Russia’s February invasion of Ukraine, European regulators warned that “insurance groups are a natural target for cyberattacks” due to the confidential policyholder data they maintain.

Lloyd’s itself has stirred controversy in cybersecurity circles by telling underwriters earlier this year to begin excluding, as of March 31, 2023, coverage for cyberattacks linked to war or state-caused catastrophic attacks.

Market instability caused by the war poses “systematic risk to insurers,” wrote Tony Chaudhry, Lloyd’s underwriting director.

Lloyd’s underwriting restrictions reflect a trend among insurers who have limited claims stemming from cyber incidents globally. The U.S. Department of Treasury and the Cybersecurity and Infrastructure Security Agency announced that they are soliciting comments on ensuring insurance coverage for catastrophic cyberattacks (see: US Government to Study Cyber Insurance Backstop).