TLDR: Global insurer QBE has issued a stark warning about the escalating threat of ransomware attacks, projecting a 40% surge in publicly named victims by 2026, reaching over 7,000. The company’s latest report, ‘Cloud cover: forecasting digital disruption in a cybercrime climate,’ highlights how the rapid adoption of cloud infrastructure and artificial intelligence (AI) is simultaneously creating new vulnerabilities and empowering cybercriminals, placing immense pressure on cyber insurance portfolios. The report emphasizes the growing aggregation risk for insurers due to concentrated data in cloud providers and the role of generative AI in facilitating more sophisticated attacks, including deepfakes.
Global insurer QBE, in collaboration with Control Risks, has released its latest cyber report, ‘Cloud cover: forecasting digital disruption in a cybercrime climate,’ painting a concerning picture of the evolving cyber threat landscape. The report forecasts a significant escalation in ransomware incidents, with publicly named victims expected to surpass 7,000 by the end of 2026, a 40% increase from 5,010 in 2024, and a five-fold rise since 2020. This surge is largely attributed to cybercriminals exploiting vulnerabilities inherent in the rapid adoption of cloud and artificial intelligence (AI) technologies.
The findings underscore the rising financial and operational risks for both insurers and policyholders. QBE notes that the shift towards cloud infrastructure has heightened exposure to ransomware and data breaches, which are primary drivers of cyber insurance claims. High-severity cloud alerts jumped by a staggering 235% in 2024 compared to the previous year, and nearly half of all corporate data stored in the cloud is now classified as sensitive, making it a prime target for attackers.
For insurers, this trend signals a growing aggregation risk. The concentration of valuable data across a limited number of cloud providers and software platforms increases the potential for systemic losses if a single vendor is compromised. QBE cited the 2023 breach at identity management provider Okta, which exposed 134 business clients and resulted in a US$2 billion loss in market value, as a clear example of the cascading impact third-party incidents can have on insured portfolios.
Artificial intelligence, particularly generative AI, is identified as a dual-edged sword. While businesses leverage AI for efficiency, cybercriminals are using the same technology to lower technical barriers, enabling faster, more precise attacks, and scaling fraud. The report reveals that deepfakes were linked to nearly 10% of successful cyberattacks in 2024, with individual fraud losses ranging from US$250,000 to US$20 million. This development is expected to sustain demand for cyber coverage but also poses significant challenges for underwriting models and risk appetite.
Geographically, the report highlights specific areas of concern. Canada accounted for nearly 7% of the 447 major global cyber incidents over the past two years, while North America as a whole made up more than half. The UK experienced 49 significant cyber incidents, representing 10% of the global total. Government and administrative systems were the most targeted sector globally between August 2023 and August 2025, accounting for 19% of all incidents, followed by IT and telecommunications at 18%, and manufacturing, logistics, and transport sectors together at 13%.
David Warr, Cyber Portfolio Manager for QBE, emphasized the urgency of the situation: “As businesses expand their use of cloud infrastructure and AI tools, they are also reshaping their risk landscape. The challenge is not just preparing for the future but catching up with exposures that have evolved at speed.” He added that the supply chain threat is a major concern, as each outsourced provider creates an additional layer of risk and potential points of failure.
Also Read:
- Generative AI Cybersecurity Market Poised for Significant Growth, Forecasted to Reach $35.5 Billion by 2031
- Google Alerts Public to Rising AI-Powered Scams Targeting Job Seekers and Small Businesses
QBE urges organizations to integrate robust cyber risk management into their operational planning. Recommendations include stronger identity controls, encryption, and incident response testing. The insurer stresses that maintaining resilience requires constant alignment between corporate security practices and insurer risk frameworks, as both sides prepare for an era of increasingly interconnected and data-dependent operations.
