Heightened cyber activity linked to the Middle East conflict has raised concerns about the potential for severe cyber attacks that could test insurers’ underwriting models and increase systemic risk, according to analysis by S&P Global Ratings.

Cyber risk analytics firms have reported increased activity among threat actors and affiliated hacktivist groups since the outbreak of the war, including distributed denial of service attacks, phishing campaigns and attempts to compromise corporate networks and critical infrastructure.

S&P said there have so far been no public reports of large insured cyber losses directly attributable to the conflict. Most incidents have disrupted services or systems without generating significant claims, meaning the immediate impact on insurers’ cyber portfolios appears limited. However, analysts warned the situation remains fluid and could escalate, particularly once the physical warfare subsides.

A shift towards larger, coordinated attacks involving state-linked actors could test underwriting models, raise accumulation risk and spark legal disputes over policy coverage, however, especially where incidents are linked to acts of war or state-sponsored activity.

"Our focus remains on insurers’ risk management practices, portfolio diversification, and operational resilience," said Manuel Adam, credit analyst at S&P Global Ratings. "Overall, the Middle East war highlights the growing interconnection between cyber risk, geopolitics, and insurance, reinforcing the importance of clear policy language, prudent underwriting, and robust operational safeguards to maintain portfolio resilience."

---