Skip to main content
QBE European Operations

Annual global cyber-attacks double from 2020 to 2024: QBE

THE number of disruptive and destructive global cyber-attacks taking place each year will increase by 105% to the end of 2024, according to a QBE report Connected Business: digital dependency fuelling risk launched today. 

The trend shows these strategically significant, disruptive and destructive global cyber-attacks will more than double this year to 211, compared to 103 in 2020.

Chart 1: The number of disruptive and destructive global cyber-attacks

The NotPetya mass cyber-attack is one such example. It resulted in infections across Europe, North America and Asia Pacific. The associated NotPetya malware caused an estimated US$10bn in damages. These types of disruptive and destructive attacks are far rarer than data loss or simple device compromises type incidents that are in the 1000s or 10000s.

The forecast comes as the new Labour government considers legislation to strengthen the UK’s cyber security, following a series of damaging cyber-attacks and events.[1]

CrowdStrike’s Falcon Sensor failure on 19 July 2024 cost Fortune 500 companies US$5.4bn in damages and US$25bn in share value [2]. Cybercriminals were quick to exploit the event launching phishing campaigns with CrowdStrike-related lures, seeking to compromise systems, steal data and extort victims.  

According to Control Risks, all cyber incident types are significantly underreported.

Further analysis conducted by QBE in the UK shows the majority (69%) of medium to large sized businesses were disrupted by cyber-events in the past 12 months.

QBE asked more than 300 IT decision makers their views on the cyber landscape and threats.

Alarmingly, 78% of businesses are concerned about cyber threats they may face, with more than half (51%) expecting a cyber event in the next 12 months.  Despite these risks, a third (36%) of businesses said they do not have an incident response plan, and nearly half (43%) don’t have any form of cyber insurance.

In response to CrowdStrike, 57% of all businesses said they would look into purchasing or expand their insurance coverage.

Businesses consider AI to be more useful for their cyber security with 32% of businesses saying it will improve their cyber protection compared to 15% of businesses thinking AI will increase cyber risks.  QBE said there was a need for improved cyber contingencies in the economy.  

David Warr QBE Insurance Portfolio Manager for Cyber said: “In some parts of the world, take-up for cyber insurance has been slow but as more businesses see their competitors making use of it and see the disruption caused by events, it is spurring them on to look for coverage themselves. CrowdStrike has contributed to changing perceptions of cyber risk and cyber protection. It has raised awareness of the types of events covered under a cyber policy, with cover provided for both security incidents as well as operational issues.”

“AI is both a hindrance and a help to the cyber landscape. As AI becomes more widely accessible, cybercriminals and cyber activists can launch larger-scale attacks at a faster pace. This increased capability in scale and speed brought on by AI could threaten the cyber domain. However, controlled and managed use of AI can also help detect cyber vulnerabilities.  

“Companies in the UK and around the world both big and small should be building up their resilience to both mitigate against cyber threats and be prepared to act in the event of a cyber-attack.”

QBE has developed a range of tools and risk services for their clients to help them reduce their cyber risk and assist with recovery during a cyber event. For more information, please visit: https://qbeeurope.com/products/cyber/.

QBE’s 10 tips for businesses hit by a cyber-attack

  1. Contain the issue: isolate affected parts of the network to reduce the impact
  2. Evidence preservation: keep the network area running to retain critical evidence  
  3. Evidence handling: avoid deleting or altering any information that could aid in incident investigations
  4. Notify your insurer’s breach response team
  5. Activate your incident response plan: notifying the crisis management team to ensure decisions can be made swiftly
  6. Think twice about paying ransoms: paying ransoms does not guarantee that data will be returned and can be illegal
  7. Communicate carefully with stakeholders: Ensure that accurate information is provided to manage expectations
  8. Identify the extent of the effect on suppliers, clients and other third parties
  9. Identify any deadlines that may be affected by the incident, such as payroll
  10. Regularly test your response plan against different breach scenarios.

 

Cost and frequency of cyber events globally

  • The number of ransomware attack victims will increase by 11% from 4,698 in 2023 to 5,200 in 2025 with manufacturing, healthcare, IT, education and government sectors particularly at risk.
  • The average ransom payment in 2023 increased five-fold to USD$2m compared to USD$400,000 the previous year.

Frequency of cyber events in the UK

  • The vast majority (78%) are concerned about cyber threats their business may face.
  • Nearly half (47%) of businesses say they suffered from a cyber event requiring corrective action in the past 12 months.
  • Looking ahead, half (51%) of businesses expect a cyber event requiring corrective action in the coming 12 months.
  • Nearly half (47%) of all businesses were disrupted by cyber events in the last 12 months.

AI and cyber security

  • Businesses consider AI to be more of a help than a hindrance to their cyber security with 32% of businesses saying it will improve their cyber protection compared to 15% of businesses saying AI will increase cyber risks.

Risk mitigation

  • Despite the growing risk, more than two in five (43%) say their business does not have a cyber insurance policy and more than a third (36%) do not have an incident response plan to address a cyber event.
  • A third (34%) of those without cyber insurance stated that it was ‘not a priority’ for their business, despite a significant increase in cyber events over the past few years.
  • The recent CrowdStrike cyber outage has had a significant impact on businesses’ attitudes to cyber risk, with 61% saying they would increase their cyber insurance as a response, and 45% of those without insurance saying they would look at purchasing cyber insurance, and over one in 10 (12%) saying they would definitely purchase it.
  • Asked why their business does not have currently have cyber insurance – they cited the top reasons are – it is not a priority, it is too expensive and they believe their business wouldn’t be a target.

<ends>

 

On behalf of QBE, Opinium Research carried out an online survey of 311 IT decision makers in the UK in September 2024.

 

[1] Labour outlined its plans for a Cyber Security and Resilience Bill in the King's Speech in July.

[2] This excludes Microsoft. https://fortune.com/2024/08/03/crowdstrike-outage-fortune-500-companies-5-4-billion-damages-uninsured-losses/; The share price sources include media outlets such as bbc and sky news, reporting percentages from the original lawsuit. https://www.businesswire.com/news/home/20240730461048/en/Labaton-Keller-Sucharow-LLP-Announces-Securities-Class-Action-Lawsuit-Filed-Against-CrowdStrike-Holdings-Inc.-and-Certain-Executives