An identified cyber criminal or hacking group whose methods, targets, and attack patterns are documented by security experts. These can include foreign government hackers, ransomware gangs, or organised crime groups. When a known threat actor attacks your business, insurers will investigate whether you took reasonable steps to protect against that group's documented tactics. For example, if a known group exploits a specific vulnerability and you hadn't patched it despite warnings, your coverage might be limited. Some policies exclude attacks by foreign governments under "acts of war" provisions. Insurance companies expect businesses to stay informed about relevant threat actors and implement defenses against their known attack methods.

An identified cyber criminal or hacking group whose methods, targets, and attack patterns are documented by security experts. These can include foreign government hackers, ransomware gangs, or organised crime groups. When a known threat actor attacks your business, insurers will investigate whether you took reasonable steps to protect against that group's documented tactics. For example, if a known group exploits a specific vulnerability and you hadn't patched it despite warnings, your coverage might be limited. Some policies exclude attacks by foreign governments under "acts of war" provisions. Insurance companies expect businesses to stay informed about relevant threat actors and implement defenses against their known attack methods.