Iran cyber threat warning spotlights insurance cover gap

A US government agency has warned organisations to be vigilant for cyber attacks as it highlighted “Iran’s historic use of cyber offensive activities to retaliate”, and insurance experts from BMS Group pointed to the low volumes of cyber insurance take up in shipping.

The US Cybersecurity and Infrastructure Security Agency (CISA) sent out an alert about the potential for cyber attacks on January 6, just days after Iranian general Qasem Soleimani was killed by a US drone strike in Iraq.

James Gordon, managing director of Cyber & Technology at BMS Group, told Intelligent Insurer: “The cyber insurance market has been trying to push the product to the shipping industry for years. There are a number of facilities and markets in London targeting shipping and marine industry clients.

“Cyber insurance is not exactly a new product anymore but the shipping industry has not bought cyber in significant volumes yet. So I don’t think there are the losses there yet to put insurers off, or to cause them to pull out. That could change quickly of course. But we’re still at the stage of encouraging clients to buy it.”

He said that shipping in the region could be seen as slow moving targets for physical attacks, as we’ve seen, adding that the systems that vessels employ “won’t always be the most technologically secure”.

He said: “Most will not have a network security budget like that of a large multinational bank, for example. So, attackers may find ships to be easier targets but it depends what they’re trying to get out of it. We could assume that aggressors will want to cause as much havoc to US companies as possible. So, it won’t necessarily be about stealing financial data or extorting money - although that will still be going on – but causing as much disruption as possible.”

Head of International at BMS Group David Battman explained: “One of the reasons we thought of increased cyber attacks was because over the last couple of years there have been some significant attacks on Saudi public sector infrastructure.”

Gordon added: “It’s easier and more cost effective to remotely launch an attack from a computer than to keep firing long range missiles or mobile physical armed forces.”

The CISA notice urged US organisations to take action to mitigate the risks from attack and listed previous Iranian activity. This included actors working on behalf of Iran’s Islamic Revolutionary Guard Corps (IRGC) who targeted the US financial sector with DDoS attacks between 2011 and mid-2013. Groups acting for IRGC also gained unauthorised access to the control systems of the Bowman Dam in Rye, New York, in 2013 and hacked the Sands Las Vegas Corporation in Las Vegas in 2014 stealing customer credit data.