Insurers are instructing corporate customers to purchase supplemental policies in order to cover damages from cyber attacks. Under general policies, businesses have been stonewalled with denials, as insurance companies cite that a given attack represents an “act of war.” The “act of war” exclusion exempts insurance companies from liability.

“Just as they wouldn’t be liable if a bomb blew up a corporate building during an armed conflict, they [insurance companies] claim not to be responsible when a state-backed hack strikes a computer network,” explains The New York Times.

In 2017, a global food services company overcame a ransomware attack that froze laptops, locked files, shut down the corporate network, and left products piled high on warehouse shelves for long lengths of time due to compromised logistics software. In total, the manufacturer dealt with over $100 million in losses.

To the shock and horror of the company, the insurance provider rejected the company’s claims, arguing that the attack represented an “act of war”.

Other companies have also received denial notices when it comes to insurance reimbursements for cyber attack damages, with several embroiled in legal disputes.

The market for cyber insurance is expected to soar, with projections forecasting a total of $9 billion in annual premiums. This is double the number from 2017.

Get the full story from Bloomberg.