• Home
  • Ransomware
  • Allianz Commercial (contextual reference to insured large companies in the report)
Ransomware cyber

Allianz Commercial (contextual reference to insured large companies in the report)

Jun 16, 2024 4 min read
Allianz Commercial (contextual reference to insured large companies in the report)

The report highlights that while large insured companies (e.g., in manufacturing, retail, or professional services) have improved cybersecurity resilience in 2025—reducing severity by 50% and large-claim frequency by 30%—ransomware remains the dominant threat, accounting for **60% of large cyber claims (>€1M)**. A key trend is the shift toward **double extortion** (data exfiltration + encryption), now comprising **40% of large claim values** (up from 25% in 2024), with losses involving data theft **doubling** in cost compared to non-exfiltration incidents. The average data breach cost reached **$5M in 2024**, driven by stricter regulations. Despite progress, attacks on less resilient **SMEs (88% of their breaches involve ransomware vs. 39% for large firms)** and **supply chain vulnerabilities** expand the risk landscape. The report warns of **seasonal spikes during Black Friday/Cyber Monday**, where retail’s high personal data exposure and business interruption risks amplify extortion leverage. While early detection mitigates some losses, **prolonged undetected attacks escalate costs exponentially**—up to **1,000x higher** if data theft and encryption occur. Business interruption alone accounts for **>50% of claim values**, underscoring the operational cripple potential of such incidents.

Source: https://www.carriermanagement.com/news/2025/10/09/280292.htm

TPRM report: https://www.rankiteo.com/company/allianz-commercial

"id": "all0293402100925",
"linkid": "allianz-commercial",
"type": "Ransomware",
"date": "6/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': ['Manufacturing (33% of large claims)',
                                     'Professional Services (18%)',
                                     'Retail (9%)'],
                        'location': 'Global (Focus on Asia/Latin America for '
                                    'SMEs)',
                        'name': 'Unspecified Large Insured Companies '
                                '(Multinationals)',
                        'size': 'Large (Improved Resilience) & SMEs (Higher '
                                'Targeting)',
                        'type': 'Corporation'},
                       {'industry': 'Cross-Sector (Retail Highlighted)',
                        'location': 'Global (Emphasis on Asia/Latin America)',
                        'name': 'Small and Medium-Sized Enterprises (SMEs)',
                        'size': 'Small to Mid-Sized',
                        'type': 'Business'}],
 'attack_vector': ['Social Engineering (e.g., impersonation of employees)',
                   'Exploitation of Digital Supply Chain Vulnerabilities',
                   'Targeted Attacks on SMEs/Less Resilient Firms',
                   'Seasonal Attacks (e.g., Black Friday to Year-End)'],
 'customer_advisories': ['Retail customers: Monitor financial accounts for '
                         'fraud during holidays.',
                         'SME customers: Implement multi-factor authentication '
                         '(MFA) and backups.'],
 'data_breach': {'data_exfiltration': True,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High (PII, Financial Data in Retail)',
                 'type_of_data_compromised': ['Personally Identifiable '
                                              'Information (PII)',
                                              'Corporate Data (Exfiltrated in '
                                              '40% of Large Claims)']},
 'date_publicly_disclosed': '2025-06-30',
 'description': "Allianz Commercial's 2025 mid-year report highlights a 50% "
                'reduction in cyber claim severity and a 30% drop in large '
                'claims frequency among insured companies due to improved '
                'detection and response capabilities. Ransomware remains the '
                'top threat (60% of large claims), with attackers targeting '
                'smaller firms (88% of data breaches in SMEs vs. 39% in large '
                'firms). Double extortion (ransomware + data exfiltration) now '
                'accounts for 40% of large claim values, up from 25% in 2024. '
                'Retail, manufacturing, and professional services are the most '
                'impacted sectors. Business interruption costs exceed 50% of '
                'claim values, while non-attack incidents (e.g., data '
                'mishandling) represent 28% of large claims.',
 'impact': {'data_compromised': {'large_claims_with_data_theft': '40% (up from '
                                                                 '25% in 2024)',
                                 'payment_information': None,
                                 'personally_identifiable_information': True,
                                 'sme_ransomware_breaches': '88% (vs. 39% in '
                                                            'large firms)'},
            'financial_loss': {'average_data_breach_cost': '$5M (2024 record '
                                                           'high)',
                               'business_interruption_costs': '>50% of cyber '
                                                              'claim values',
                               'data_exfiltration_loss_multiplier': '2x higher '
                                                                    'than '
                                                                    'non-exfiltration '
                                                                    'incidents',
                               'large_claims_reduction': '50% severity drop, '
                                                         '30% frequency drop '
                                                         '(H1 2025 vs. 2024)'},
            'identity_theft_risk': True,
            'legal_liabilities': ['Stricter Data Privacy Regulations (e.g., '
                                  'GDPR)',
                                  'Regulatory Fines for Non-Compliance'],
            'operational_impact': ['Business Interruption (Primary Driver of '
                                   'Claims)',
                                   'Supply Chain Disruptions',
                                   'Regulatory Non-Compliance Penalties']},
 'initial_access_broker': {'data_sold_on_dark_web': True,
                           'entry_point': ['Social Engineering (Employee '
                                           'Impersonation)',
                                           'Digital Supply Chain Exploits',
                                           'Unpatched Vulnerabilities (SMEs)'],
                           'high_value_targets': ['Retail Sector (PII, Payment '
                                                  'Data)',
                                                  'Manufacturing (IP, '
                                                  'Operational Data)',
                                                  'Professional Services '
                                                  '(Client Data)']},
 'investigation_status': 'Ongoing (Trend Analysis)',
 'lessons_learned': ['Early detection/containment reduces costs exponentially '
                     '(1,000x lower impact).',
                     'Business continuity plans mitigate >50% of claim costs '
                     '(business interruption).',
                     'SMEs remain highly vulnerable (88% of breaches vs. 39% '
                     'in large firms).',
                     'Double extortion (ransomware + data theft) is rising '
                     '(40% of large claims in H1 2025).',
                     'Cyber insurance improves resilience (70% loss impact '
                     'increase for insureds vs. 250% for uninsured over 4 '
                     'years).',
                     'Seasonal risks (e.g., Black Friday) require heightened '
                     'vigilance.'],
 'motivation': ['Financial Gain (Extortion/Ransom)',
                'Data Theft for Resale (Dark Web)',
                'Exploitation of Seasonal Vulnerabilities (e.g., Holiday '
                'Shopping)'],
 'post_incident_analysis': {'corrective_actions': ['Mandate cyber insurance '
                                                   'for SMEs in high-risk '
                                                   'sectors.',
                                                   'Expand law enforcement '
                                                   'coordination for '
                                                   'ransomware disruption.',
                                                   'Promote adoption of '
                                                   'NIST/CIS Controls for '
                                                   'baseline security.',
                                                   'Incentivize threat '
                                                   'intelligence sharing among '
                                                   'industries.'],
                            'root_causes': ['Inadequate Detection/Response '
                                            '(SMEs)',
                                            'Over-reliance on Digital Supply '
                                            'Chains',
                                            'Lack of Employee Awareness '
                                            '(Social Engineering)',
                                            'Seasonal Operational Strains '
                                            '(e.g., Holiday Staffing)']},
 'ransomware': {'data_encryption': True, 'data_exfiltration': True},
 'recommendations': ['Implement robust detection/response capabilities (e.g., '
                     'EDR, SIEM).',
                     'Develop and test business continuity plans to reduce '
                     'interruption costs.',
                     'Prioritize supply chain security and third-party risk '
                     'management.',
                     'Enhance employee training to counter social engineering '
                     '(e.g., impersonation attacks).',
                     'Leverage cyber insurance for risk transfer and incident '
                     'response support.',
                     'Strengthen data privacy compliance to avoid regulatory '
                     'fines.',
                     'Monitor dark web for stolen data (especially for SMEs).',
                     'Prepare for seasonal threats (e.g., holiday shopping '
                     'periods).'],
 'references': [{'date_accessed': '2025-06-30',
                 'source': 'Allianz Commercial - Cyber Security Resilience '
                           'Outlook (2025 Mid-Year Report)'},
                {'source': 'Verizon Data Breach Investigations Report (DBIR)'}],
 'regulatory_compliance': {'regulations_violated': ['Data Privacy Laws (e.g., '
                                                    'GDPR)',
                                                    'Sector-Specific '
                                                    'Regulations'],
                           'regulatory_notifications': True},
 'response': {'containment_measures': ['Early Detection/Response (Reduces '
                                       'Costs by 1,000x)',
                                       'Business Continuity Plans'],
              'enhanced_monitoring': True,
              'incident_response_plan_activated': True,
              'law_enforcement_notified': True,
              'third_party_assistance': ['Cyber Insurance Providers (e.g., '
                                         'Allianz Commercial)',
                                         'Law Enforcement (International '
                                         'Coordination)']},
 'stakeholder_advisories': ['Heightened risk during holiday seasons (Black '
                            'Friday to year-end).',
                            'SMEs urged to adopt cyber insurance and basic '
                            'hygiene measures.',
                            'Large firms advised to share threat intelligence '
                            'with supply chains.'],
 'title': 'Cyber Insureds Gain Ground on Attackers, But Holidays Bring '
          'Heightened Risk: 2025 Mid-Year Report',
 'type': ['Ransomware',
          'Data Breach',
          'Double Extortion',
          'Business Interruption',
          'Non-Attack Incidents (e.g., wrongful data collection)'],
 'vulnerability_exploited': ['Weak Detection/Response Capabilities (SMEs)',
                             'Wide Attack Surfaces (Retail: staff, suppliers, '
                             'IT systems)',
                             'Lack of Business Continuity Plans',
                             'Privacy Regulation Non-Compliance']}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.