Skip to the content

Bank of England examining insurers exposure and cyber security defences

The Bank of England is examining the exposures of Britain's insurers to fallout from financial sanctions on Russia, while warning of the pressing need to ensure robust defences against the increasing global threat of cyber-attacks.

Britain, European Union, United States and other countries have agreed on a raft of sanctions on Russian banks and its central bank following Russia's invasion of Ukraine. As a result of these heightened geopolitical tensions, fears of cyber-attacks on western financial institutions have been increased.

According to the 2021 Cyber Threat Report by SonicWall, there has been reported a 62% increase in Ransomware since 2019. This worrying figure is set to rise further as cybersecurity attacks are becoming more complex and difficult to detect.

The attacks included:

  • Colonial Pipeline, the largest fuel pipeline in the US, suffered a cyberattack that disrupted fuel supplies all along the East Coast of the United States (in 12 US states) for several days. Colonial Pipeline Company shut down its entire operations to prevent further damage. The company paid £3.2m ($4.4 m) in bitcoin to hackers, with the FBI’s help.
  • Taiwanese computer hardware giant Acer suffered a Ransomware attack by the REvil hacker group, the same hackers who attacked London foreign exchange firm Travelex in 2020. The hackers demanded a ransom of £37m ($50 m) from Acer.
  • ExaGrid, a backup storage company that helps businesses to recover after a ransomware attack also suffered from a ransomware attack of its own. According to LeMagIT, a ransom of £1.9m ($2.6) was paid to the hackers.

Charlotte Gerken, executive director for insurance at the BoE said: "What we are doing is going through with firms what the nature of their exposures may be, both direct and indirect, and working very closely with the Treasury.”

The BoE has said that exposures of banks to Russia are relatively low and Gerken declined to comment on individual firms while signposting resilience to cyber-attacks, the need to quantify the impact of climate change, and more diversity in boards and management as key priorities in 2022.

She added: “We expect firms to be able to demonstrate their operational ability to withstand and recover from severe but plausible scenarios such as ransomware attacks.”

Gerken also warned that cyber risk continues to threaten all businesses and having a cyber insurance policy does not substitute the need for a robust framework to manage cyber risk. While some insurers have made progress in adapting to risks from climate change, some have gone further than others, "From 2022, we will shift to actively supervising climate risk," she said.

Cyber insurance helps protect organisations from the fallout from cyber-attacks and hacking threats by potentially covering certain consequential financial costs and minimising business disruption.

W Denis can arrange specialist cyber insurance cover and can offer first class technical advice. Solutions are available for multi-billion turnover businesses, down to small start ups. To discuss this further with an expert at W Denis, please make arrangements with Daniel Moss at Daniel.moss@wdenis.co.uk or on 0044 (0)113 2439812

Contact Us

Call us today on 0044 (0) 113 243 9812 or arrange a call back to find out how you could benefit from our intelligence-led insurance policies.