UK Businesses Receive £197m in Cyber Attack Payouts

UK insurers paid out £197m (US$259.33m) to businesses affected by cyber incidents in 2024, representing a 230% increase on the previous year.

The figures from the Association of British Insurers show the amount distributed was £138m ($US177.7m) higher than in 2023, with demand for cyber insurance policies rising 17% over the same period.

Ransomware dominates claims landscape

Malware and ransomware attacks accounted for more than half of all cyber insurance claims in 2024, up from 32% the previous year.

The sharp increase highlights the growing sophistication of digital threats and the extensive damage they inflict on business operations.

The shift towards more aggressive attack methods mirrors broader trends documented across the cybersecurity sector.

Research from the UK's National Cyber Security Centre shows it managed 204 nationally significant cyber incidents in 2024, more than double the previous year.

Manufacturing firms have been particularly exposed, with 80% of respondents in a Telstra International survey reporting significant increases in security incidents over the past 12 months.

Industry calls for strategic approach

The Association of British Insurers has urged organisations to integrate cyber insurance into their risk management strategies as the data reveals escalating threats to UK businesses.

The trade body argues that insurance provides critical support when attacks force companies to halt operations, covering losses from breaches, ransomware and email compromise.

Jonathan Fong, Head of General Insurance Policy at the ABI, says:  “Cyber insurance is more than just a financial safety net. The right policy not only supports businesses in the aftermath of an incident but can also help prevent attacks through access to expert advice, threat monitoring, and incident response planning. 

“With cyber threats continuing to grow in scale and sophistication, it needs to be a critical component of every organisation’s modern risk management strategy.”

Beyond financial protection, insurers actively help businesses prevent attacks and strengthen resilience against future incidents.

The 17% uptake in new policies signals UK businesses are prioritising protection against evolving digital risks.

Mounting pressure on critical infrastructure

The cyber insurance payouts come as multiple high-profile attacks have disrupted UK operations across sectors.

Jaguar Land Rover suffered a major cyber attack in 2024 that forced production line shutdowns at key plants, with no customer data reportedly compromised but significant operational impacts.

Microsoft research indicates 80% of cyber incidents now focus on data theft driven by financial gain, with over half of attacks motivated by extortion or ransomware.

Transport and supply chains have become primary targets, with attackers exploiting third-party relationships to move through complex networks.

Broader industry challenges

The cyber insurance data emerges amid wider pressure on UK insurers facing record claims across multiple categories.

In June, the Association of British Insurers welcomed the government's commitment to invest £7.9bn ($US10.4bn) over 10 years in flood defences after insurers paid out a record £585m (US$770.2m) for weather-related damage in 2024.

The organisation has also documented record motor insurance claims of £11.7bn (US$15.4bn) in 2024, driven by rising repair costs and vehicle theft.

The combination of escalating cyber threats, climate-related claims and motor insurance pressures is reshaping risk management priorities for UK businesses and insurers alike.