Top of the story: Zurich American Insurance sued for 100 million dollars for rejecting claim for NotPetya ransomware losses suffered by U.S. snack maker Mondelezas "act of war" .
In 2017, U.S. snack manufacturer Mondelez became victim to a NotPetya ransomware attack and reported to have disabled 1,700 servers and 24,000 laptops. Perhaps disabled is a bit too gentle a term. NonPetya encrypts the file system table and prevents the system from booting, essentially bricking the device. Mondelez filed a claim for 100 million dollars with Zurich American Insurance Company in connection with the cleanup. Long story short: Zurich offered 10 million, then rejected the claim on the basis that, as some security experts [and the U.K.] believe) the Russian government is responsible for NotPetya development and propagation. Although Mondelez's cyber-insurance provisions were relatively robust, the policy also excludes coverage for losses arising from "hostile or warlike action in time of peace or war" by a "government or sovereign power." Mondelez filed suit in Cook County Circuit Court. 2018-L-011008.