Insurers have actually ruled out war-related damage in their contracts by default - this also applies to cyber policies, which are becoming increasingly popular in view of attacks on company systems via the Internet.

But should the Russian war of aggression against Ukraine actually spread to the systems of companies and state institutions, according to industry circles, insurers could face billions in payments despite all the clauses.

A major cyber attack could quickly cost $20 billion or more - that's as much as a major hurricane in the US.

It is often difficult to prove who is really behind a cyber attack.

The contracts speak abstractly of "state-sponsored actors".

What is covered by this is difficult to define and must be reassessed for each claim, Bruce Carnegie-Brown, head of the London insurance market Lloyd's, told Reuters.

No attacks in the west since the start of the Ukraine war

At least in the West, no cyber attacks have been registered since the Russian invasion of Ukraine.

According to the US government, however, Russian hackers are "preparing" for attacks on American companies.

However, it is unclear whether they will eventually become serious.

However, even if an insurer is able to prove that a cyber attack on one of its customers was due to the Ukraine war, this may not be sufficient to claim war exclusions.

Because the formulations in the contracts are inconsistent and leave room for interpretation, says insurance expert Marcos Alvarez from the rating agency DBRS Morningstar.

There is a fight programmed.

A gray area is, for example, "cyber terror attacks", which are basically covered according to the contracts.

The term is so broad that customers can refer to it very extensively, says Yosha DeLong, cyber boss at insurer Mosaic.

"Whenever there are ambiguous wordings in a contract, it is to the advantage of the customer and not that of the insurer." Only in January did a court in the US state of New Jersey agree with the US pharmaceutical giant Merck, which had 1.4 billion Dollar had sued from his insurer.

In 2017, Merck was the victim of the “NotPetya” cyber attack, for which the Washington government blamed Russia.

There were targeted attacks in Eastern Europe

The war in Ukraine has long been taking place online.

According to a report by the analysis company CyberCube, there have been attacks on critical infrastructure, government services, banks and telecommunications in Ukraine.

But government agencies in Russia are also the target of cyber attacks, which even spilled over to neighboring countries such as Belarus, Poland, Lithuania and Latvia.

Meredith Schnur, who is responsible for the topic in the US and Canada at insurance broker Marsh, says some cyber insurers are already considering excluding Russia and Ukraine from coverage altogether.

Cyber ​​insurance premiums skyrocketed long before the Ukraine war.

The main reason for this is the ransom that the Internet blackmailers demand.

They no longer demand lump sums, but determine exactly how much their victim can - or must - afford.

According to Marsh, premiums more than doubled in the US and nearly doubled in the UK in the fourth quarter.

Industry circles say that this will continue on a similar scale this year.

Numerous companies no longer dare to insure large corporations against attacks from the Internet, or only in syndicates, and prefer to concentrate on medium-sized companies.

"Ukraine and Russia only increase the pressure on premiums and availability," says an adviser.

Keywords: