https://www.insurerbrain.com/w/index.php?action=history&feed=atom&title=Definition%3ACyber_attackDefinition:Cyber attack - Revision history2026-04-30T07:25:14ZRevision history for this page on the wikiMediaWiki 1.43.8https://www.insurerbrain.com/w/index.php?title=Definition:Cyber_attack&diff=10727&oldid=prevPlumBot: Bot: Creating new article from JSON2026-03-11T16:56:57Z<p>Bot: Creating new article from JSON</p>
<p><b>New page</b></p><div>🛡️ '''Cyber attack''' is a deliberate, unauthorized attempt to access, disrupt, damage, or steal data from an organization's digital systems — and within the insurance industry it represents both a rapidly evolving [[Definition:Exposure | exposure]] that carriers must underwrite and an operational threat to insurers' own technology infrastructure. From [[Definition:Ransomware | ransomware]] campaigns that encrypt hospital networks to sophisticated [[Definition:Phishing | phishing]] schemes targeting financial institutions, cyber attacks are the primary peril driving the growth of the [[Definition:Cyber insurance | cyber insurance]] market, which now generates tens of billions of dollars in global [[Definition:Gross written premium (GWP) | gross written premium]].<br />
<br />
🔍 The mechanics of a cyber attack vary widely, but the insurance industry generally categorizes them by vector and impact. Common vectors include [[Definition:Malware | malware]] delivery via email, exploitation of unpatched software vulnerabilities, [[Definition:Distributed denial-of-service (DDoS) | distributed denial-of-service]] floods, and [[Definition:Social engineering | social engineering]] that tricks employees into surrendering credentials. When [[Definition:Underwriting | underwriting]] this exposure, carriers evaluate the insured's security posture — endpoint protection, multi-factor authentication, network segmentation, [[Definition:Incident response plan | incident response plans]] — and model [[Definition:Loss scenario | loss scenarios]] spanning [[Definition:Business interruption insurance | business interruption]], [[Definition:Data breach | data breach]] notification costs, regulatory fines, and [[Definition:Third-party liability | third-party liability]]. [[Definition:Catastrophe modeling | Catastrophe modelers]] have developed specialized cyber models to estimate [[Definition:Aggregation risk | aggregation risk]], recognizing that a single vulnerability in widely used software could trigger correlated losses across thousands of policies simultaneously.<br />
<br />
⚠️ Beyond the products they sell, insurers themselves are high-value targets. Carriers and [[Definition:Third-party administrator (TPA) | third-party administrators]] hold vast stores of personally identifiable information and financial data, making their systems attractive to attackers seeking to monetize stolen records or extort organizations that cannot afford downtime. A successful attack on a major insurer could compromise [[Definition:Claims processing | claims]] operations, erode [[Definition:Policyholder | policyholder]] trust, and trigger [[Definition:Regulatory compliance | regulatory]] action. Consequently, the industry's own [[Definition:Cyber risk management | cyber risk management]] practices — from [[Definition:Penetration testing | penetration testing]] to [[Definition:Zero trust architecture | zero trust architecture]] — are as critical as the coverage it offers to others.<br />
<br />
'''Related concepts:'''<br />
{{Div col|colwidth=20em}}<br />
* [[Definition:Cyber insurance]]<br />
* [[Definition:Ransomware]]<br />
* [[Definition:Data breach]]<br />
* [[Definition:Cyber risk management]]<br />
* [[Definition:Aggregation risk]]<br />
* [[Definition:Cyber terrorism]]<br />
{{Div col end}}</div>PlumBot