View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
October 6, 2022

Lloyd’s of London hit by possible cyberattack

The insurance market is investigating a possible breach, which may be linked to its involvement in sanctioning Russia.

By Claudia Glover

Lloyd’s of London is investigating a potential cyberattack on its network. The insurance market says it has detected “unusual activity” on its systems, and has turned off all external connectivity. 

Lloyd's of London cyber attack
Lloyd’s of London hit by a possible cyberattack. (Photo by Simon Vayro at Shutterstock)

A spokesperson for the company told Tech Monitor: “Lloyd’s has detected unusual activity on its network and we are investigating the issue. As a precautionary measure, we are resetting the Lloyd’s network and systems. All external connectivity has been turned off, including Lloyd’s delegated authority platforms.

“We have informed market participants and relevant parties, and we will provide more information once our investigations have concluded.”

The spokesperson did not comment on whether or not it has been contacted by hackers, or if a ransom demand has been issued, but Lloyd’s has been closely involved with the design and implementation of sanctions imposed on Russia in response to its invasion of Ukraine, which may have put it in the crosshairs of Russian hackers.

Many Russian-speaking ransomware gangs have been active in their support of Vladimir Putin’s regime. In August the NHS 111 service was hit by a cyberattack that knocked out its systems for more than 24 hours. The attack coincided with then prime minister Boris Johnson’s visit to Ukraine to meet Volodymyr Zelensky.

Lloyd’s cyberattack and the campaign against insurers

Insurance providers, particularly those that offer cyber insurance, are a popular target for criminals. Some have even sought to hack cyber insurance databases to ensure that they can demand the entire premium as ransom.

This has led to insurance premiums increasing in price and, in some cases, becoming harder to obtain. French insurance company Axa announced that it would not fulfil any further cyber insurance claims last year, and was itself hit by a cyberattack days later.

A member of the REvil ransomware gang dubbed insurance premiums one of the “tastiest morsels” in an interview with security company Recorded Future. Gangs “hack the insurers first – to get their customer base and work in a targeted way from there,” the unnamed cybercriminal said. “After that, you go through the list, then hit the insurer themselves.”

Content from our partners
Why food manufacturers must pursue greater visibility and agility
How to define an empowered chief data officer
Financial management can be onerous for CFOs, but new tech is helping lighten the load

Lloyd’s, which reported an underwriting profit of £1.2bn for the first half of 2022 has been at the forefront of drafting new cyber insurance clauses. It has instructed its 76 insurance syndicates to remove “nation-state-backed cyberattacks” from insurance policies by March 2023. Losses “arising from a war,” as well as from state-backed cyber attacks, that, “significantly impair the ability of a state to function,” must also be excluded from policies.

Lloyd’s underwriting director Tony Chaudhry said at the time that though the organisation remains supportive of businesses suffering ransomware attacks, the growing size and scale of the threat could “expose the market to systemic risks that syndicates could struggle to manage”.

Read more: Is the cyber insurance market broken?

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU