DLA Piper Faces Insurance Claim Denial After NotPetya Attack

DLA Piper has become the latest big name to be denied a multimillion-dollar insurance claim following major losses caused by the NotPetya ‘ransomware’ campaign of 2017. The multi-national law firm is said to be launching a legal case against its insurer Hiscox for failing to pay out. However, a spokesperson from the insurer confirmed to Infosecurity that the case, currently in arbitration, is not related to a specific cybersecurity policy and does not involve an "act of war" exclusion, as has been reported.

Zurich Refuses Mondelez Claim with "Act of War" Exclusion

The latter is the reason that insurance giant Zurich is said to be refusing to pay out a multimillion dollar claim from confectionary giant Mondelez. The Cadbury owner is said to be suing the insurer for over $100m to cover permanent damage to 1700 of its servers and 24,000 laptops as well as unfulfilled orders and other operational disruption.

Russian Involvement and the Challenge of Proof

Russia was directly blamed for the June 2017 attacks, which started in Ukraine but quickly spread around the world via the VPNs of multi-nationals with offices in the country. However, the Five Eyes governments that issued these statements, led by the UK, failed to provide hard evidence to back up their claims, which won’t make it easy for the insurers to make their case in court.

Impact on DLA Piper

DLA Piper was hit hard by the destructive ransomware strain, after becoming infected via a supplier. The company’s flat networks structure is said to have allowed the malware to spread fast across the globe. The legal giant was forced to pay 15,000 hours of overtime to IT workers to help recover from the incident, which forced it to start afresh with its entire Windows environment, according to reports.