In a memo sent to the company's 76-plus insurance syndicates, underwriting director Tony Chaudhry said Lloyd's remains "strongly supportive" of cyber attack coverage. However, as these threats continue to grow, they may "expose the market to systemic risks that syndicates could struggle to manage," he added.

He said that nation-state-sponsored attacks are particularly costly to cover and cyber attack policies must include "a suitable clause excluding liability for losses arising from any state-backed cyberattack.

These changes will take effect beginning March 31, 2023 at the inception or renewal of each policy.

Most policies already have an exclusion against war, whether declared or not and now it looks like they must exclude losses from nation-state cyber attacks that "significantly impair the ability of a state to function or that significantly impair the security capabilities of a state."

However, Lloyds might not get what it wants as it is really hard to identify the nation state backing the attack, at least to a legal standard. Most nation state hackers use code which comes from another likely nation state, bounce attacks off servers in other countries, or buy off the shelf code. While it is possible that cost might have come from North Korea or Russia it is rather hard for Lloyds to prove.