It is essential that organisations understand cyber threats and resulting vulnerabilities, says global head of cyber services

Cyber extortion techniques are evolving and it is now common for multiple threat actors to be involved in an attack, according to Beazley’s latest report.

The inaugural Cyber Services Snapshot report – released today (12 July 2022) – examines data exfiltration, its evolution and what businesses can do to prepare.

It is based on data gathered between 2020 and the first quarter of 2022 and is the first in a series of regular reports that hope to demonstrate that cybersecurity threats remain persistent.

Raf Sanchez, Beazley’s global head of cyber services, said: “This project was conceived as a rolling snapshot of cyber exposure and its impact on cybersecurity needs and recommendations.

”Extortion incidents no longer just involve file encryption. We are seeing data exfiltration now prevalent in a significant majority of incidents reported to our cyber services team.

“Multiple threat actors are involved and they are encrypting systems, stealing and selling data they’ve accessed and also threatening to expose the fact that an organisation’s data was stolen unless payment is provided.”

He stressed that cyber was an ”increasingly complex landscape” and that it was essential organisations understood the threats and resulting vulnerabilities.

The report also warned of potential spillover effects from destructive software disguised as ransomware – despite the aim of ransomware software being to extract money from victims, global conflict, such as the Russia Ukraine war, has increased the risk of malware being deployed to cause damage.

Desktop software sharing and phishing were the most common ransomware vectors noted in the report, while business email compromises remained an issue. Retail (57%), manufacturing and construction (56%) and education (52%) were most at risk of system infiltration.

More regulatory oversight

Threat actors have developed new tools, codes and frameworks warned Beazley. In the face of this, the report recommended that firms implement more third-party risk management as a priority. 

Frank Quinn, client experience manager at Beazley, said: “We expect more regulatory oversight and enforcement activity directed at the ransomware ecosystem.”

He explained that government organisations were attacking the issue of cyber legislation on a number of fronts by targeting exchanges used for crypto payments as well as taking a more aggressive approach to sanctions.

This was supplementary to the usual approach of criminal prosecution of ransomware threat groups.

Sanchez added: “With threat actors continually evolving their techniques, the industry needs regular access to data and expertise to guide our response.”