Insurance Companies Say NotPetya Means War (And Therefore No Coverage)

Add cyberwar to the long list of reasons why insurance companies will deny claims.

Essentially, Zurich’s position is that NotPetya was a “hostile or warlike action” by a “government or sovereign power.” In fact, NotPetya is widely viewed as a state-sponsored Russian cyber attack masquerading as ransomware that was designed to target Ukraine but inadvertently spread globally. Russia denies these allegations.

According to Mondelez, even Zurich had doubts about denying coverage and at one point, rescinded its denial and committed to advancing $10,000,000 partial payment towards Mondelez’s insurance claim. But, for some reason, Zurich changed its tune and reasserted the declination of coverage.

For me this story is less about what cyberwar is, and more about why insurance companies are so good at self-declaring reasons to refuse coverage.

I recently had an insurance company executive tell me they were in the healthcare industry. So I asked if they provide care, to which they replied “no, we know more than anyone, even doctors, about health and we want to encourage people to make smaller and fewer claims.”

That’s not healthcare. That’s finance. Fewer claims (of care) means more margin.

The NotPetya-based denial of claim means the insurance company has assigned itself the fun burden of proving that a “government or sovereign power” has committed a “hostile or warlike action”. Presumably they think the cost of that proof is less than $10,000,000.

Google Lights $1M on Fire to Protest Separation of Test and Production

Advertising news sources are saying that it was an accident.

On Tuesday at about 7 p.m. ET, many publishers both in the U.S. and Australia saw many–if not all–of their ad slots filled with display ads featuring nothing but the color yellow. They were up for 45 minutes.

The costly mistake occurred during a Google training program when an employee accidentally purchased the 300×250 ad units, the sources said. Publishers who checked their logs saw the advertisements came from theiconic.au.com, an Australian retailer.

Estimates are upwards of $1m burned in just hours. Google made an official statement, confirming both payments and that the protest didn’t encounter any resistance.

We will honor payments to publishers for any ads purchased and are working hard to put safeguards in place to ensure this doesn’t happen again.

“Top 10 Security Disasters in ML: How Laurel and Yanny Replaced Alice and Bob”: 2019 RSAC SF Presentation

I’ll be presenting again (10th year in a row) at the RSA Conference in SF, discussing how the focus for our information security industry should have shifted fundamentally after 2014 from ongoing confidentiality to growing integrity concerns.

SESSION ID: MASH-F02

TITLE: Top 10 Security Disasters in ML: How Laurel and Yanny Replaced Alice and Bob

SCHEDULED SESSION DAY AND TIME: Friday, Mar 08, 9:50 AM

ROOM: Moscone West 2007

LENGTH: 50 minutes

ABSTRACT: A seismic shift is upon us. Integrity flaws stand looming and untamed despite the security industry making great progress in availability and confidentiality awareness and control. Now a crisis of trust is developing as developers rush into “machine learning” with integrity a paramount risk. This talk will expose keys of past breaches of integrity to help attendees prepare to control ones just ahead.

QUICK ABSTRACT: If you thought confidentiality breaches were a crisis, are you ready to detect and prevent integrity failures at machine speed?

LINK: https://www.rsaconference.com/industry-topics/presentation/top-10-security-disasters-in-ml-how-laurel-and-yanny-replaced-alice-and-bob (including PDF)

Apple Alert: SSD Data Loss in 13-inch MacBook Pro

In an awkwardly worded statement, the laptop manufacturer has alerted owners of its 13-inch MacBook Pro that SSD firmware flaws are causing serious data corruption and even complete failure.

Apple has determined that a limited number of 128GB and 256GB solid-state drives (SSD) used in 13-inch MacBook Pro (non Touch Bar) units have an issue that may result in data loss and failure of the drive. 13-inch MacBook Pro units with affected drives were sold between June 2017 and June 2018.

Apple or an Apple Authorized Service Provider (AASP) will service affected drives, free of charge. Apple recommends having your drive serviced as soon as possible.

A few things stand out here:

  1. The firmware update means an Apple “technician will run a utility”.
  2. The repair process is to back up your data, update the SSD firmware in a destructive manner, and then restore all your data from backup. This raises the question of why someone can’t do the update themselves if it means restoring a backup to a fresh OS install. Apple ought not be worried about data loss or failure in the process, as that’s a guaranteed outcome. Are they concerned the firmware update would brick the laptop, or that the utility would grant too much authority to the end user?
  3. Data already destroyed by the faulty SSD cannot be recovered.
  4. Anyone who already paid for this service can get a refund. At the same time, the program only “covers affected MacBook Pro models for 3 years after the first retail sale of the unit”. The repair will not be free if your SSD has faults beyond 3 years…