Treasury is set to examine whether “cyber terrorism” that causes physical property damage should be added to a national terrorism insurance scheme.
The department yesterday kicked off its latest review of the scheme and associated legislation, which was put in place in 2003 as “an interim measure to operate while terrorism insurance cover was unavailable in the private market.”
The government intervened because of a lack of affordable terrorism insurance post 9/11, which it said caused a flow-on effect on commercial building activity.
Terms of reference for the latest review show the government is considering broadening its definition of eligible terror-related incidents to those in the cyber domain for the first time.
“Treasury is particularly interested in … whether the risk of cyber terrorism causing physical property damage should be included in the scheme by removing the scheme regulations exclusion for computer crime and overriding policy exclusions for cyber terrorism,” it said.
The insurance of losses arising from computer crimes is currently excluded by the terms of the Act.
A 2015 review [pdf] of the scheme noted the disparity in how different types of attacks on internet infrastructure would be treated.
“Physical attacks on lead‐in conduits or submarine cables may produce relatively minor
amounts of physical damage but substantial business interruption losses while cyber‐
attacks on network nodes producing similar consequential losses may not be covered,” it noted.
Treasury has opened the 2018 review of the scheme up to consultation until June 30.