In light of the recent rise in ransomware claims/events, we believe it’s valuable to share new and interesting areas of exposure that most may not have previously contemplated. Typically, hackers seek to penetrate a company’s security systems with the intent of demanding a ransom payment in order to allow a Company/Governmental agency the ability to regain control of their systems/data. This new “jackware” takes it a step further. The hacker goes in and seeks to take control of your devices/smart devices to make them perform other functions rather than what they were intended to do.
“What is jackware? Ransomware’s vicious cousin” is a good example that conveys how hackers turned up the temperature on a furnace system to greater than 2,000 degrees with the intent of burning the entire German factory down. Given the current Geo-political environment we are in, combined with the culture of extremists within our country, there is definitely cause for alarm here.
Let’s take a look at the situation between Twitter and Elon Musk for example, what if members of society who oppose Musk taking control of Twitter seek to hack into Tesla or Space X’s systems to create a disruption to those businesses? That is a scary type of scenario that a “jackware” event can cause.
The bigger issue, from an insurance perspective, is which policy would respond to resulting damage caused by a jackware event? This is where things get tricky – Bodily Injury/Property Damage would typically fall under a Commercial General Liability (CGL) policy, not a Cyber policy, although it may be too early and there may not be enough case law to make that determination. If your organization experiences one of these types of incidents, we believe the prudent thing to do would be to report this as a claim under both the Cyber Policy, as well as your CGL policy, in order to cover all bases and address all potential liabilities/exposures you may have from such a cyber related incident.