Global cyber attacks will more than double this year to 211, says QBE

The number of disruptive and destructive global cyber-attacks taking place each year is set to increase by 105% to the end of 2024, according to a new report from QBE.

In fact, the trend shows that these significant, disruptive and destructive global cyber-attacks are likely to more than double this year to 211, compared to 103 in 2020.

QBE noted that this forecast comes as the new Labour government considers legislation to strengthen the UK’s cyber security, following a series of damaging cyber-attacks and events.

Looking back at CrowdStrike’s Falcon Sensor failure, which occurred on July 19, 2024, this would wind up costing Fortune 500 companies US$5.4 billion in damages and US$25 billion in share value.

However, cybercriminals were quick to exploit the event, as many launched phishing campaigns with CrowdStrike-related lures, seeking to compromise systems, steal data and extort victims, QBE explained.

Moving forward, an analysis conducted by QBE in the UK showcases that the majority (69%) of medium to large sized businesses were disrupted by cyber-events in the past 12 months.

The organisation then went on to ask more than 300 IT decision makers about their views on the cyber landscape and threats.

78% of businesses are said to be concerned about the number of cyber threats they may face, with 51% expecting a cyber event to take place in the next 12 months. However, in spite of these risks, 36% of businesses said they do not have an incident response plan currently in place, and 43% revealed that they don’t have any form of cyber insurance at all.

Interestingly, in response to CrowdStrike, 57% of all businesses said they would look into purchasing or expand their insurance coverage.

Another key factor to highlight, is that businesses seem to consider artificial intelligence (AI) to be more useful for their cyber security, with 32% of businesses saying it will improve their cyber protection compared to 15% of businesses thinking AI will increase cyber risks. QBE noted that there was a need for improved cyber contingencies in the economy.

David Warr QBE Insurance Portfolio Manager for Cyber, commented: “In some parts of the world, take-up for cyber insurance has been slow but as more businesses see their competitors making use of it and see the disruption caused by events, it is spurring them on to look for coverage themselves. CrowdStrike has contributed to changing perceptions of cyber risk and cyber protection. It has raised awareness of the types of events covered under a cyber policy, with cover provided for both security incidents as well as operational issues.”

He continued: “AI is both a hindrance and a help to the cyber landscape. As AI becomes more widely accessible, cybercriminals and cyber activists can launch larger-scale attacks at a faster pace. This increased capability in scale and speed brought on by AI could threaten the cyber domain. However, controlled and managed use of AI can also help detect cyber vulnerabilities.

“Companies in the UK and around the world both big and small should be building up their resilience to both mitigate against cyber threats and be prepared to act in the event of a cyber-attack.”

Focusing attention on the cost and frequency of cyber events on a global basis, QBE estimates that the number of  ransomware attack victims will increase by 11% from 4,698 in 2023 to 5,200 in 2025 with manufacturing, healthcare, IT, education and government sectors particularly at risk.

Lastly, QBE explained that the recent CrowdStrike cyber outage has had a major impact on businesses’ attitudes towards cyber risk, with 61% saying they would increase their cyber insurance as a response, while 45% of those without insurance say they would look at purchasing cyber insurance, and over one in 10 (12%) saying they would definitely purchase it.

For businesses currently without any form of cyber insurance, respondents said that it was either not a priority, too expensive, or that they believe that their business would not be a target for attacks.

This website states: The content on this site is sourced from the internet. If there is any infringement, please contact us and we will handle it promptly.