6 Cyber Attacks that Caused Property Damage

Posted by The ALS Group on Mar 14, 2017 12:33:22 PM

You’ve heard of cyber attacks causing customer data breaches, business interruptions, reputation management issues, and public relations nightmares – but what about physical damage?

Sometimes cyber attacks involve more than just data theft. Past hacking events have caused property damage and even bodily injury. In the wake of Stuxnet, security experts have warned of the increasingly destructive capabilities of cyber attacks. We’re starting to see those warnings come to fruition.

Here are six instances where malicious hackers caused physical damage – and cost businesses, organizations and/or governments millions of dollars.

German steel plant meltdown

german steel plant meltdown 2.jpg

In 2015, using phishing emails to gain login credentials, hackers wreaked havoc at a German steel mill by disrupting the control system and shutting down parts of the plant, resulting in millions of dollars of damage to the blast furnace.

Ukrainian power grid sabotage

ukranian power grid hack 2.jpg

Russian-backed hackers remotely disabled electricity to a wide swath of Ukraine in December 2015. They then uploaded faulty firmware in order to make fixing the breach even more difficult. The case laid out a frightening blueprint on how to replicate this experiment on other power grids.

Polish teen remotely derails trains

In 2008 a teenager from Lodz, Poland tripped rail switches and redirected trams using a homemade transmitter. His stunt injured twelve people when four trams derailed.

Disgruntled applicant spills raw sewage

Back in 2001, an Australian man was convicted of hacking into his small town’s computerized waste management system and deliberately spilling millions of gallons of raw sewage into parks and rivers in the area. Vitek Boden spent two years in prison for the offense.

Hacker tampers with hospital ventilation system

In 2011, a man was sentenced to nine years in prison for infecting machines at the hospital for which he worked with malware and installing a remote-access program on the hospital’s HVAC system. Authorities asserted that Jesse William McGraw jeopardized patient safety by putting drugs and other medical supplies at risk by altering the heating, air conditioning, and ventilation systems.

Oil pipeline leak detection systems compromised

In this instance, while no property damage occurred, the Southern California coastline was exposed to an environmental disaster. In 2009, hackers temporarily disabled the computer system designed to detect pipeline leaks for three oil derricks of the coast of Southern California. Had a leak occurred during that time, it would have potentially gone undetected.

So what can businesses do to protect themselves from these kinds of increasing and potentially devastating threats?

Insurance coverage of cyber attacks

Normally, cyber insurance policies do not cover property damage (or bodily injury) so insureds must rely on more traditional lines for coverage, like their Property policy or their Commercial General Liability policy.

While data breaches that result in property damage are less frequent, their results can be devastating and likely far exceed the limits of your cyber policy.

This isn’t to say that property damage resulting from a data breach will definitely be covered by your property policy. You’ll want to confirm that your coverage is “all risk” coverage, which covers any peril not specifically excluded. Also, look for property insurers to begin excluding property damage or business interruption claims related to computer or cyber related incidents in the future.

At the ALS group, we work with a variety of different types of businesses to make sure they have appropriate cyber liability insurance coverage. Have questions about your organization’s coverage? Contact us for a cyber insurance audit.

New Call-to-action

Topics: Cyber Insurance, Cyber Risk, cyber attacks

The ALS Group

Risk Management Blog

We manage more than a quarter billion dollars of premiums for a diverse range of clients around the globe. 

Our areas of expertise include:

  • Enterprise Risk Management (ERM)
  • Cyber Security & Cyber Liability Insurance
  • Construction Management
  • Customized Risk Management Assessments (RMAs)

Subscribe to Email Updates

Recent Posts

Posts by Topic

see all