Following the massive ransomware attack on Tuesday, cyber security experts to come together with insurance companies to hash out modalities to include cover for cyber attacks
File photo of a vessel docked at JNPT
Most people count on their insurance to kick in and save them when things go south, but considering the absolute dependence on the Internet for most operations, it's surprising that India still has no provisions for insurance in case of a cyber security failure.
This egregious oversight came to light yesterday, when Tuesday's cyber attack with ransomware Nyetya downing operations of one of the ports in the city with no insurance cover in case of losses. So much so, that it has now set into motion the formation of a high-level team — including cyber experts, retired police officials and insurance companies — that will decide on insurance modalities to ensure that such attacks get covered, as they are already in other countries.
Confirming the move, Vijay Mukhi, a cyber security expert said, "The GTI terminal at JNPT had to be completely shut down due to a cyber attack elsewhere in a foreign country. Luckily, there were no vessels lining up to enter the berth, which otherwise would have resulted in major revenue loss."
To that end, cyber experts, including former commissioner of police D Shivandan, will be meeting on Saturday to discuss how this needs to be prioritised for future untoward cyber attacks. He said, "The Nyetya attack, and numerous recent cyber attacks globally are making our worst fears come true. We are coming together not only to work out modalities to cover financial losses due to cyber attack by getting insurance cover, but also working on investigation and litigation." Mukhi added, "We are keen to formulate a complete cyber security cover, which includes, technology, policing and insurance, so that any future cyber attack doesn't cause a voluminous financial loss to any company, for a third unknown party's action."
What do insurers say?
Bhairav Dhilla, a partner with Out Think Insure, an insurance broking agency, said, "In cyber attacks, the key issue is ransom, usually demanded in bitcoins that no insurance company would ever give. We try to understand the modalities that the companies are vulnerable to, and be a bridge between the insurance company and the client and insure them from potential cyber attacks. We have already started speaking to Bajaj Allianz, ICICI Lombard, Future Generali, and they have given us a positive response."
State in denial
However, senior officials attached to the Union Communication and IT department feel they already address the issue and said, "As per existing guidelines, no sensitive information is to be stored on systems connected to the Internet. The government has also formulated a crisis management plan for countering cyber-attacks and cyber-terrorism." This, though, said Mukhi, is more a theoretical stand rather than practical.
Nyetya docks at JNPT
If you thought that Nyetya, currently crippling the West, hasn't reached Indian shores, think again: It has brought one of the three ports at JNPT to a complete shutdown. Senior JNPT officials said, "Gateway Terminals India (GTI), a subsidiary of Maersk, and the third container terminal, was affected due to the Nyetya attack. The entire operation is shut down. It will take another 24 hours for things to normalise."
A GTI officer added, "We handle 11 international vessels per week, and at the time of cyber attack, two were berthed. We cleared one of them, but the other was handled manually, as servers were affected."