The Cyber Threats to the Insurance Industry and How They Can Be Mitigated

Legacy Technologies GMBH
5 min readMar 15, 2021

New technology drives business innovation and growth, but it also brings new risks, and cybercrime is developing as fast as the technologies it threatens. Globally, cybercrime is estimated to cost $400 billion a year, with a threat landscape in constant and rapid evolution. In contrast to what may have been the case in the past, insurance companies have now become much more of a focus for cyberattacks. In KPMG’s 2017 Global CEO Outlook survey, only 43% of CEOs questioned said their organization was fully prepared for a cyber event. Insurers deal with massive risks every day — as it is a sector that is fundamentally based on risk management — so this is a worryingly low percentage for an industry dealing so frequently with financial transactions and personal data.

How Insurance Companies Are Now Such a Major Target

Insurance companies hold enormous amounts of personally identifiable information (PII), such as names, addresses, birthdates, social security numbers, email addresses, and health data. They also hold information about income as well as about property, vehicle ownership, travel plans, and even domestic animals.

At the same time, the insurance sector has been undergoing a digital transformation, implementing new channels and services to do business virtually and enhance customer experience. However, this has also increased digitalization in customer interaction. Policies are stipulated and claims are filed online or through mobile apps. Insurers’ websites are integrated with third-party portals. All of these represent weak points that cyber criminals can leverage to steal data. As insurers continue to digitalize their operations, their attractiveness and vulnerability to cyber criminals will only increase. It is for these reasons that cybersecurity has become more important than ever in this sector.

Types of Threats on the Insurance industry: Commoditized and Targeted

KPMG identified two types of attacks, known as commoditized and targeted attacks, which pose the greatest threat to the insurance sector. Commoditized attacks can target hundreds of millions of victims, often the company’s customers. Although the individual returns may be relatively low, these economy-of-scale attacks have high impact through “spray and pray” spam emails, malicious website “watering holes,” and vulnerabilities inherently contained in out-of-date software. Targeted attacks focus on high-net-worth individuals and companies, again taking advantage of supply chains and customers. Targeted attacks may be less numerous than commoditized attacks, but they are highly tailored to ensure maximum impact and financial gain.

Both commoditized and targeted attacks are often carried out through malware that is inserted into an insurance company’s network in a variety of ways. Attachment-based phishing delivers malicious attachments in ostensibly innocent email messages. Throughout the COVID-19 pandemic in particular, cyber criminals have been leveraging general interest in the subject by using COVID-themed messages to entice unsuspecting victims into opening such attachments. Spear-phishing attacks target specific individuals, sending personalized messages that appear to come from a trusted colleague, and therefore appear even more reassuring.

Insurers also receive huge numbers of files and documents from a wide variety of senders, either directly or through client-facing portals. This makes them vulnerable to file-born threats from any source involved in the file transfer. Such a source could be an infected file from a customer’s computer or a valid piece of data constituting part of a network’s interactions with third-party vendors.

The Success of Recent Cyberattacks on Insurance Companies

The insurance industry has already fallen victim to a number of cyberattacks in recent years. The Pacific Specialty Insurance Company was targeted in March 2019 by hackers who implemented a phishing attack to gain access to employee email accounts, social security numbers, government-issued IDs, and financial data. In 2020, hackers breached the servers of Shirbit, an Israeli insurance company, and stole some 300 customers’ personal information while demanding $1 million in Bitcoin for its return, with the required sum increasing every 24 hours that followed. The hackers opened a Telegram group, shared some of the sensitive data, and published messages they said were from potential data purchasers. The Israeli National Cyber Directorate had to step in to ensure the company reported the situation accurately and to investigate whether it took adequate measures to protect itself. Shirbit enlisted experts to deal with the aftermath of the attack, in which it faced investigations, fines, and lawsuits.

The Reputational and Financial Damage Incurred by Attacks

The reputational damage that comes with being a victim of a cyberattack is bad enough, as it can take a harsh toll on a company’s brand and market value, but cyberattacks on insurance companies can also result in significant financial damage. In January 2015, a spear-phishing attack on Anthem Healthcare, the biggest benefits company in the US, resulted in the theft of highly sensitive data from the records of its 78.8 million customers. The company paid a high price. Initial security improvements, clean up, and remediation cost $260 million, followed by almost $40 million in damages and $115 million in payouts for breach of privacy claims.

How Insurance Companies Can Counter the Threat

While it is true that some cyberattacks could be so destructive that a company may never completely recover, the threat can still be greatly mitigated through effective cyber defense. Here at Legacy Technologies, we provide one of the best internationally known defense systems, NEO. The system is spearheaded by some of the world’s foremost experts in cyber strategy, military intelligence, and international business. The result of seven years of development, NEO is our fully automated solution, used by industry giants such as Tesla, Mercedes, and Starbucks. It is comparable to more than 100 white-hat hackers by providing round-the-clock monitoring of cyber defenses, identification of vulnerabilities, and development of effective solutions for breach points and flaws.

NEO uses machine learning to detect otherwise undetectable security breaches and hidden assets. It can even spot human error. Tested against the external infrastructures of major companies such as AT&T and PayPal, NEO represents a long-term security investment in an innovative and proven solution for all cybersecurity requirements in today’s fast-moving digitalized world. Particularly in the insurance sector, considering that a post-attack cure would be cripplingly expensive at best and simply impossible at worst, it is clearly essential for insurers to implement strong, effective, and cutting-edge prevention strategies.



Legacy Technologies GMBH

Legacy Technologies is a cybersecurity company that provides active and passive defenses to keep its clients’ information and assets secure.