Mitigation Can Cut Malware Risk by Up to 80%, Say Experts

Malware and Cloud Outages: Insurance Industry Insights

Malware Threats

A recent study conducted by CyberCube and Munich Re highlights that a widespread malware outbreak remains a critical threat to insurers. According to the survey, a global malware attack affecting 10% of systems would be considered "surprising," while a 25% infection rate would be "shocking." Respondents noted that an event similar to WannaCry or NotPetya, which impacted only around 0.5% of global machines, is not outside the realm of possibility.

The report emphasizes that patch management, network segmentation, and up-to-date data backups can reduce the likelihood and financial impact of such malware events by 50% to 80%. The survey found that software vulnerabilities and supply chain updates are likely drivers of malware outbreaks.

Ransomware
Image courtesy of Reinsurance Business

For further insights, refer to the full report published by TradingView News.

Cloud Outage Risks

The dependency on cloud services is growing, particularly among small and mid-sized firms. The survey indicates that outages lasting up to 72 hours are possible, while longer disruptions are considered "rare but possible." A one-day outage of a critical cloud service provider could lead to financial losses equivalent to 1% of annual revenue. If a cloud outage lasts for five days, losses could increase by at least a factor of 7.

The study revealed that establishing a multi-region architecture with cloud service providers (CSPs) is the most effective mitigation strategy against cloud outages. Using multiple CSPs for critical applications was deemed impractical due to the challenges of transferring services during an outage.

Cloud Services
Image courtesy of TradingView News

For more details, visit InsuranceERM and Reinsurance News.

Emerging Risks

Cybersecurity experts express concern about the impact of emerging technologies on the threat landscape. Industrial and consumer IoT devices are immediate areas of concern, while Large Language Models (LLMs) are currently relevant, and Artificial General Intelligence (AGI) is expected to pose risks in the coming years.

The study aims to improve understanding of extreme malware and cloud events and their mitigation effectiveness. Jon Laux from CyberCube stated, “By sharing the findings of our study on systemic cyber risks, we aim to provide a more nuanced view of how systemic cyber events might unfold and the factors that drive wide variation in risk exposure across firms.”

Emerging Technologies
Image courtesy of CyberCube

For further reading on systemic cyber risks, see Munich Re and CyberCube.

Explore how our services can help you mitigate these risks effectively. Contact us at [Company Name] or visit us at [Company URL] for more information.

Ransomware Attacks Target Russian Vodka and Healthcare Sectors

The Novabev Group, parent company of the Beluga vodka brand, experienced a ransomware attack on July 14, 2025, causing significant disruptions. The attack affected WineLab, the company's liquor store chain, leading to a three-day closure of over 2,000 locations in Russia. The company reported that the attack crippled its IT infrastructure, particularly point-of-sale systems and online services. Novabev Group stated, "The company maintains a principled position of rejecting any interaction with cybercriminals and refuses to fulfill their demands."

By Alan V Gutnov July 19, 2025 3 min read

Retail Sector Faces Surge in Ransomware Attacks: A 2025 Analysis

Publicly disclosed ransomware attacks on the retail sector globally surged by 58% in Q2 2025 compared to Q1, with UK-based firms being particularly targeted, according to a report by BlackFog. This spike in attacks follows high-profile breaches affecting retailers like Marks & Spencer (M&S), The Co-op, and Harrods, attributed to the threat actor known as Scattered Spider.

By Alan V Gutnov July 19, 2025 2 min read

AI-Driven Lcryx Ransomware Emerges in Cryptomining Botnet

A cryptomining botnet active since 2019 has incorporated a likely AI-generated ransomware known as Lcryx into its operations. Recent analysis by the FortiCNAPP team at FortiGuard Labs identified the first documented incident linking H2miner and Lcryx ransomware. This investigation focused on a cluster of virtual private servers (VPS) utilized for mining Monero.

By Edward Zhou July 19, 2025 3 min read

Preventing ClickFix Attacks: Safeguarding Against Human Error

ClickFix is an emerging social engineering technique utilized by threat actors to exploit human error. This technique involves misleading users into executing malicious commands under the guise of providing "quick fixes" for common computer issues. Threat actors use familiar platforms and deceptive prompts to encourage victims to paste and run harmful scripts.