The frequency of cyber war and terrorism is no longer the risk. The magnitude of the potential damages is the real threat.
It’s conceivable that an enemy of the U.S. government could hack a U.S. energy, water, or fuel distribution system, causing loss of life, severe physical damage to property, or insurmountable financial damage to a non-government business. In 2007, the Department of Homeland Security conducted the “Aurora Generator Test” at the Idaho National Laboratory, in which the turbine of an electricity generator burst into smoke, ultimately causing failure of the device. Engineers determined that by simply changing the operating cycle of a power generator remotely via computer, the turbines could catch fire, eventually destroying the machine. For a public or private company, the concern is whether ancillary damage from a cyberattack on the U.S. government is insurable under a cyber liability insurance policy. The answer is not black and white.
This article explores that concern. First we examine the U.S. government’s definition and position on cyber war and terrorism. Second, we analyze the application of a war and terrorism exclusion under a cyber liability policy to the foregoing scenario.
The U.S. Government
Although the government’s definitions of cyber war and cyber terrorism are limited in scope to attacks on the U.S. government, the government’s definitions are a useful resource in analyzing whether a war and terrorism exclusion would apply to bar coverage to a public or private company under a cyber liability policy.
What Is the Government’s Definition of Cyber Terrorism?
Cyber terrorism consists of damaging computer-based attacks, or threats of attack, by non-state actors against information systems, conducted to intimidate or coerce governments or societies in pursuit of political or social goals. The FBI defines cyber terror as “the use of computer network tools to shut down critical national infrastructures—energy, transportation, government operations—or to coerce or intimidate a government or civilian population.”[1]
At a 2012 cybersecurity insurance workshop hosted by the Department of Homeland Security’s National Protection and Programs Directorate, the majority of attendees believed that “catastrophic” cyber risks that the federal government should be responsible for (e.g., war, terrorism, critical infrastructure failure, “in the wild” and state-sponsored computer viruses) are currently uninsurable. Before denying coverage under a terrorism and war exclusion, carriers must evaluate, among other things, whether: 1) it’s clear that an act of terrorism or war has occurred, and 2) a more specific exclusion addressing cyber terrorism or war is included in the policy. Yes, the United States is able to pinpoint the origination of a cyberattack by a foreign enemy, but...