As cyber threats become increasingly sophisticated and target the vital systems at the core of modern society, CyberCube’s “Global Threat Briefing H2 2024” underscores a critical reality: attacks on Single Points of Failure (SPoF) technologies and key sectors are no longer hypothetical.
The report explores the systemic nature of these cyber threats and emphasizes the urgent need for robust mitigation strategies.
Our key takeaways are as follows: read the full report here.
Critical Sectors Under Siege
Energy & Utilities
The energy and utilities sector faces significant cyber risks. Attacks on electricity providers, power grids, and water utilities highlight these vulnerabilities. While about 60% of this sector maintains above-average security, 36% remain highly exposed. The heavy reliance on SPoF technologies, such as outdated operating systems, exacerbates these risks.
Transportation & Logistics
This sector is highly exposed but demonstrates above-average security measures. In 2024, cyberattacks on airports, ports, railways, and public transport systems disrupted operations globally. On a positive note, 56% of entities in this sector are in the high-security quadrant, making them relatively more resilient compared to other industries.
U.S. Public Sector
The U.S. public sector is notably insecure, with over 86% of organizations falling into high-exposure and below-average security categories. State-sponsored and criminal cyber actors exploit these weaknesses, threatening essential services and public trust. Due to inadequate cybersecurity investments, the U.S. public sector represents a high-risk category for insurers.
Ransomware and Geopolitical Conflicts
Ransomware attacks are rising, particularly in conflict zones where attackers exploit societal instability. The report notes significant ransomware growth in regions like the Balkans, Asia, and the Middle East. State-sponsored groups increasingly use ransomware to achieve geopolitical objectives, blurring the lines between criminal and military actions. This hybrid threat poses challenges for insurers in determining coverage and exclusions.
Emerging Threats in 2025
Cloud Service Provider (CSP) Outages
Unplanned technology outages are expected to increase, especially among CSPs. High-profile events in 2024, such as the Change Healthcare and CrowdStrike outages, highlight the systemic impact of these disruptions. Insurers must prepare for cascading failures resulting from industry-wide SPoF events.
Cyber Threat Evolution
Cyberattacks are becoming more sophisticated, targeting critical infrastructure with advanced evasion techniques executed by increasingly professional actors. This evolution demands adaptive insurance policies and closer collaboration between insurers, businesses, and governments.
Implications for (Re)insurers
The report’s key recommendations include:
- Enhanced Underwriting: Tailor policies specifically for high-risk areas like the energy and public services sectors.
- Collaboration: Partner with governments and security agencies to improve threat intelligence and response mechanisms.
- Proactive Measures: Invest in tools like CyberCube’s Portfolio Manager to quantify and manage aggregation risks.
Conclusion
As cyber threats to critical sectors continue to escalate, the necessity for adaptive and proactive strategies has never been more evident. The report calls for a collective effort to safeguard critical industries and enhance societal resilience against cyber risks.
Other News: CyberCube Touts Cyber Insurance Tool for Brokers(Opens in a new browser tab).
Other News: Hoboken City Hall Gets Hacked With Ransomware, They Say.
