Claims Intelligence Series
AIG’s 2017 cyber claims statistics reflect both the growing maturity of the cyber book of business and a threat environment which has been characterised by a series of systemic malware and ransomware attacks, including WannaCry and NotPetya. While business/network interruption was a significant issue for many EU organisations, the majority of these losses were underinsured.
As had been predicted early last year by AIG’s cyber experts, 2017 was a year of widespread ransomware attacks and cyber business interruption. The Cyber insurance claims report shows that over a quarter of cyber claims (26%) received in 2017 had ransomware as the primary cause of loss. This is a significant leap from 16% of claims in the years 2013-2016.
“The combination of leaked National Security Agency (NSA) tools plus state-sponsored capabilities triggered a systemic event,” says Mark Camillo, head of cyber for EMEA at AIG. “The Wannacry outbreak, which hit hundreds of thousands of machines around the world, could have been worse in terms of scale and insured losses if a UK researcher hadn’t quickly found and activated the kill switch.”