I learned of a new cyber term yesterday, “jackware,” which is similar to ransomware in that it features an outside hacker taking control of a system and disrupting the flow of information. What distinguishes jackware is that the attack is not aimed at the computer system itself, but rather at embedded devices in machinery or smart devices that perform other functions. Hackers use ransomware to hold onto and control data with the aim of making a profit by refusing to release the data without receipt of payment. Jackware, on the other hand, seeks to take control of machines to do things seemingly with sinister intentions.
Jackware highlights the need for businesses to evaluate their insurance policies to ascertain coverage for bodily injury and property damage from a cyber event is afforded by their policies. This is not a novel concept and is one which I have addressed and cautioned about in previous posts. The potential bodily injury and/or property damage that can arise from a hacker taking control of a smart device or machine need not be elaborated on much. We now have a term to address it by – jackware, and proactively addressing it with insurance would be a prudent move.
Some cyber carriers have been amenable to offering bodily injury and property damage coverage and it is one avenue of coverage to pursue. Ensuring no cyber exclusions on property, environmental/pollution, and general liability policies is another channel to explore (also referred to as silent cyber coverage). Some courts notably have ruled favorably for policyholders in silent cyber cases, particularly on the general liability side of coverage.