Some insurance companies cited “act of war” exclusions to try to avoid covering the damage of a Russian cyberattack against Ukraine in 2017 that rippled outward internationally, causing billions of dollars in damage. Now, as U.S. officials warn of similar hacks, a New Jersey judge said such clauses covered “traditional” war—physical, not cyber, activity.
“The insurance industry, like many others, is one big pendulum between fear and greed,” said Joshua Motta, chief executive of insurer Coalition Inc., which offers cyber-specific coverage. Mr. Motta said costly ransomware attacks in recent years have nudged the pendulum toward fear and pushed some insurers to ramp up prices or curtail coverage of cyber incidents generally. Hackers recently disabled Ukrainian government computer networks and defaced official websites, leading Washington to warn of escalating breaches that could allow attackers to jump from initial targets in Ukraine to U.S. businesses.