Robin’s Newsletter #255

7 May 2023. Volume 6, Issue 19
The figurative and literal jury is in on SolarWinds, Merck's NotPetya claim, Uber's data breach cover-up.

This week

Wrapping up some of the biggest stories of the past few years…


  • Kim Zetter has a great writeup of the SolarWinds attack. In _The untold story of the boldest supply-chain hack ever_ for Wired, Zetter explains how the incident, which engulfed Mandiant before being traced back to SolarWinds (vol. 3, iss. 51), unfolded.
  • The compromise also began at least six months prior, with incident responders at an American think tank and the US Department of Justice tracing intrusions back to servers running SolarWinds but not identifying the full scale of the incidents.

Merck’s NotPetya insurance claim

  • Insurance companies including Allianz and Zurich are ‘on the hook’ to help cover Merck’s $1.4 billion losses from the NotPetya attack. The insurers had been appealing a January 2022 verdict (vol. 5, iss. 4) in favour of Merck.
  • The New Jersey appellate court has ruled that the NotPetya cyber-attack wasn’t military in nature and so cannot fall under exclusions for acts of war.

“The exclusion of damages caused by hostile or warlike action by a government or sovereign power in times of war or peace requires the involvement of military action… Coverage could only be excluded here if we stretched the meaning of ‘hostile’ to its outer limit.” — Judges Currier, Mayer and Enright, Superior Court of New Jersey Appellate Division.

  • Merck’s claim was brought under its property insurance, which included policies covering “all risks” to a total limit of $1.75 billion, with a $150 million deductible. The eight insurance companies involved originally disputed having to pay out $699,475,000 of the $1.4 billion claim.

Former Uber CISO gets probation

TikTok’s surveillance of journalists

Interesting stats

11% of users know what the password icon in a browser address bar actually means, according to Google, which is retiring the icon in a forthcoming release of their Chrome browser (see below).

Other newsy bits / in brief

And finally

  • TSB has ‘hit out’ at the UK government after it dropped plans to force tech companies to take greater responsibility for fraud originating on their platforms. Instead, a voluntary ‘online fraud charter’ was announced in the fraud strategy released this week. TSB says more than 80% of all purchase, investment and impersonation fraud affecting its customers occurs through platforms owned by Meta, such as WhatsApp and Instagram.
