There has been an alarming rise in serious cyber attacks targeting access to power plant control rooms and manufacturing lines with the aim of causing disruption to facilities. But is physical damage covered by your cyber insurance policy?

From power plants to manufacturing facilities, mining, automotive and more, remote access to production lines and machinery is revolutionising the way businesses and plants are operated.  But increased connectivity also exposes organisations to the threat of physical disruption, damage and even system failure from malicious hacking attacks.

Cyber security breaches are already costing manufacturers millions of dollars, with companies facing highly targeted attacks on an almost daily basis. In fact, there has been an alarming rise in serious cyber attacks targeting access to control rooms and manufacturing lines with the aim of causing serious damage and disruption.

Not long ago, the Wall Street Journal reported that hackers had gained remote access to the control rooms of many US power suppliers. The access – which even reportedly extended to command centre computers that were not directly linked to the web – could have let the hackers shut down networks and cause blackouts across the country.

A growing threat to industrial infrastructure

Clearly, the threat to industrial infrastructure from malicious hacking attacks is real and serious, and cyber security experts have warned that attacks are on the rise, particularly apparently state-sponsored attacks in the current climate of escalating global political tensions.

The trend for remote access to production lines and facilities is only going to increase. After all the technology has revolutionised efficiency and oversight for manufacturers and plant operators, allowing businesses to view and operate automated production line machinery from anywhere at any time, providing unprecedented efficiency gains.

And developers are constantly expanding the connectivity scope of their offerings – from national grid automation to multi-location production lines, or a building’s boiler and sprinkler systems – and more and more hardware and devices are not only accessible online, but the systems that host and track them are also increasingly centrally interlinked.

Check your policy wordings

Just as the technology is constantly evolving, so too is cyber risk constantly developing. It is vitally important to partner with companies that make it their business to spot any potential gaps that could leave businesses vulnerable.

Property damage and business interruption are now well established components of the arsenal of hackers. But did you know that physical damage is excluded by many cyber insurance policies?

If you operate a power facility, manufacturing plant, hospital, hotel or other internet of things-enabled facility (and let’s face it it, almost every modern building has some form, of remote access technology these days), this exclusion may directly impact your ability to recover post cyber-event.

Comprehensive cover

In addition to providing coverage in standard cyber areas such as third party liability, first party liability, data breach clean up, and social engineering loss, Endeavour’s Ensconce Cyber Security Cover offers coverage in instances of remote access to a client’s production line, any property damage to a facility, system failure and business interruption due to malicious cyber attack.

Ensconce also covers reputational harm, fines and penalties resulting from a cyber attack, as well as IP theft and extortion.

Check the small print – does your cyber insurance policy offer the cover your business needs?