A series of recent cyberattacks on third-party software and critical infrastructure may present new challenges for cyber insurers and policyholders, many of whom are increasingly dependent on digital service providers.
Consider the cyberattack on software from the U.S. defense supplier Collins Aerospace, which reportedly began on Sept. 19, 2025 and disrupted check-in, boarding and baggage systems at several major European airports. The event "highlights how cyber-attacks on key third-party vendors can cause widespread operational disruption and financial losses across multiple businesses," Acrisure London Wholesale Senior Vice President James Morgan wrote in a briefing about the event.
Morgan continued: "From aviation to healthcare, utilities to financial institutions, every sector is now deeply reliant on digital service providers. And when they fail, your business can suffer the consequences even if your own systems remain secure. It’s not just about covering data breaches; it’s about protecting your ability to operate, serve customers, and recover quickly when things go wrong."
Threat actors are increasingly focused on sectors such as transportation and logistics, where attacks can cause widespread disruption, creating significant business interruption and contingent business interruption events. A growing number of cyber events are aimed at creating chaos and halting operations rather than solely stealing data for extortion. This tactic changes the nature of the immediate loss and the subsequent recovery process.
What it means for insurance organizations
Even as cyber insurers develop more sophisticated methods of assessing policyholder and prospect software and supply-chain risk, cyberbreaches are one catalyst for the uptick in insurance litigation. A single attack on a widely used software provider could trigger claims across thousands of policies simultaneously, creating a significant accumulation risk for carriers.
It follows that claims adjusters and executives must now navigate large-scale business interruption claims stemming from disruption-focused cyberattacks. Meanwhile, cyber underwriters may need to adapt risk assessments to better evaluate an insured's software supply chain dependencies.
The slideshow above provides a glimpse at recent cybersecurity events that highlighted vulnerabilities introduced by third-party service providers.
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.