Merck wins NotPetya ransomware attack legal battle

    Merck, the Pharma giant from New Jersey, has won a legal battle with its insurer for covering costs related to the NotPetya ransomware attack that crippled its computer networks to the core incurring losses in millions.

    Moving ahead into the details, the year 2017 witnessed many companies falling prey to NotPetya ransomware hackers. A Russian funded hacking group was behind the spread that initially targeted companies operating in Ukraine, but soon distributed it to global networks, causing billions of damage to entities.

    Merck was one of the company that was targeted by the said file encrypting malware gang. The pharmaceutical company thought that its cyber insurance will cover the incurred losses and so tried its best to recover from the consequences by diverting its annual budgetary funds for the damaged IT infrastructure.

    However, to its surprise, the insurer, ACE American, denied paying the costs as it was not covered by the “all-risk” property insurance policy that was taken by Merck.

    After negotiating a lot with the insurance companies, the American pharma giant reached out to the New Jersey Superior court for justice.

    And after much delay, the final decree came in the favor of Merck as it won the $1.4 billion insurance cover battle with ACE American under the rigorous rendition of Acts of War Clause.

    NOTE- NotPetya was a successor to the Petya ransomware and was spread by Sandworm Hacking group funded by Moscow. And as per a report released by Kaspersky in 2019, the said ransomware was being run under the supervision of GRU Russian Military Intelligence and has targeted multinational companies such as Merck & Co, Rosneft, Saint-Gobain, DLA Piper, Mondelez International, Heritage Valley Health Systems, Cadbury Chocolate factory in Tasmania, FedEx, Maersk, and several other health care service providers in Australia.

    Naveen Goud
    Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

    No posts to display