Have cyber criminals gone to war, leaving quiet on western fronts?

Cyber claim frequency may have paused in the first quarter of 2022, just as markets had braced for war to spill into the cybersphere, raising speculation that the usual suspects had gone to war but left things a bit quiet on western fronts.

Cyber was supposed to be the boundless risk after the Russian invasion of Ukraine, ever more so as Moscow reframed the war as a larger East vs. West, Russia against NATO conflict on a global scale.

But the more the insurers looked, the less they found the cyber events they’d feared.

“We haven't seen anything systemic,”  Chubb EO Evan Greenberg told his company's Q1 investor call of cyber trends since Russia initiated hostilities. “It hasn't abated and it hasn't increased.”

European carriers are seeing just as little or even less and floundering a bit on attribution.  Munich Re “didn't see or notice or perceive” any uptick in cyber, officials told their April 28 AGM. Leaders at Hiscox and Beazley have spoken to an outright dip in frequency.

“We see actually no unusual claim activity in Q1,” the chief underwriting officer at  Hiscox, Joanne Musselle, told her company's earnings conference. “Indeed, our claims activity is reduced.”

“It hasn't happened,”  Beazley CEO Adrian Cox (pictured) said of early assumptions that cyber could spike globally as the Russians attack on multiple fronts.

In any environment, the Russians would be the key cyber suspects. “The largest single territory of attack into the US through the last number of years has been Russia,” the  Chubb CEO told his company's investor call.  “When it comes to ransomware attacks, more comes out of Russia than any other jurisdiction in the world.”

But attribution of the decline in cyber events remains elusive.  Most prefer to speak to the need for continued vigilance.

Officials at  Hiscox worked their investor call to take some of the credit for themselves. To hear their top officials tell it, the group was repositioning away from ransomware risks long prior to the Russian invasion of Ukraine, including outright reductions in the London Market. A new retail focus towards smaller commercial clients was altering the cyber risk profile, the added.

Interim group CFO Liz Breeze put the decline to “underwriting actions we have taken and the clampdown by governments across the globe.”  Potential Russian cyber aggression remains a threat in what CUO Musselle called a “heightened” situation.

Beazley brought fresh insight to the evolving picture, even if officials are very reserved in drawing conclusions.

Even as claims frequency on its own markets falls,  Beazley sees “more cyber activity in Russia and Ukraine” since hostilities got underway. Officials hint, but refuse to confirm, that the world's cyber criminals are now too busy to get involved in garden-variety peacetime ransomware.

“I can tell you that I see more in Russia and Ukraine,”  Beazley CEO Cox said. “And I can tell you that our frequency goes down and we had prepared for it to go up.”

“I just can't unbundle it more beyond that.”

Did you get value from this story? Sign up to our free daily newsletters and get stories like this sent straight to your inbox.