“’So then the question is going to be, well, is there coverage for the attack? Is there coverage for the fire? Does the policy exclude coverage for both? And these are some real tough questions that need to be asked in evaluating the claim,’ (Marc Voses, partner at Clyde & Co.) said. ‘You might have a property loss, but at the inception, it might look like a fire. When you look at it deeper, it was caused by a threat actor that actually caused the fire, and there might be an exclusion within the policy excluding the acts of a third party affecting the computer system which results in property damage.'”
Source: Beyond Zeros and Ones: When Cyber Attacks Become Physical