Cyberattacks on Hospitals and Infrastructure Signal Rising Claims Risk

The cyber dimension of the Iran conflict highlights how modern warfare increasingly blends physical attacks with coordinated digital operations. One example involved malicious text messages sent during missile strikes, tricking civilians into downloading spyware disguised as emergency shelter information. This type of synchronized cyber-physical attack introduces a new layer of risk, where timing and deception amplify damage and confusion.

For claims adjusters, this signals a shift in how losses may occur and be reported. Cyber incidents are no longer isolated events but can coincide with catastrophic scenarios, complicating causation analysis, coverage determinations, and claims timelines. The presence of spyware that accesses personal data, location, and cameras raises liability concerns, especially if devices are tied to workplace systems or insured business operations.

The report also points to a surge in high-volume, low-impact cyberattacks attributed to Iran-linked groups. While many attacks are technically unsophisticated, they exploit outdated systems and force organizations to allocate resources toward mitigation. For insurers, this creates a steady stream of smaller claims and defense costs rather than singular catastrophic cyber losses. It also increases underwriting scrutiny on cybersecurity hygiene and patch management.

Healthcare organizations and data centers are emerging as primary targets. Attacks involving destructive ransomware, even without ransom demands, indicate motives beyond financial gain. Disruption of medical systems can trigger business interruption claims, patient safety liabilities, and regulatory scrutiny. Adjusters handling these claims must assess not only system damage but also downstream impacts such as delayed care or data exposure.

Artificial intelligence is accelerating both attack and defense capabilities. AI-driven disinformation campaigns complicate incident verification, while automated cyberattacks increase frequency and scale. For adjusters, this introduces challenges in validating claims, identifying fraud, and distinguishing legitimate losses from manipulated or fabricated events.

Overall, the story underscores a broader trend. Cyber risk is expanding beyond traditional data breaches into operational disruption, psychological impact, and hybrid warfare scenarios. Claims professionals will need to adapt to more complex loss environments that involve multiple triggers, overlapping coverages, and evolving threat actors.