The Latest Tactics of Cybercriminals

Whether your business is large or small, the cybersecurity arms race matters. When the COVID-19 response of 2020 converted legions of office staffers into remote workers, the rapid change outran security measures. The result was a vast array of opportunities for cybercriminals.

This reality makes cyber liability insurance more essential than ever. The mitigation and legal consequences of a data breach can threaten the viability of any company. This coverage should conform to your company’s threat profile and function as part of a seamless liability insurance package. With this protection in place, your business can focus on the practical steps to combat the new generation of cyber threats.

Ransomware Moves to Double-Extortion

When ransomware appeared two decades ago, schemers burrowed into a victim's computer network, encrypted a swath of data, and then demanded a ransom payment for a decryption password. Present-day cybercriminals now make a complete copy of their target's files before completing the encryption step. With this duplicate in hand, predators can now threaten to publicly release sensitive data, putting twice the pressure on their victims. Welcome to the age of double-extortion ransomware. Healthcare providers, required by law to safeguard patient data, remain the first target of choice for this tactic.

Cloud Vulnerabilities Multiply

Cloud computing, accessing services and information from internet-linked remote data centers, has revolutionized commerce. This advance makes businesses nimbler and allows small companies to access resources once only available to corporate giants. Unfortunately, the cybersecurity practices that worked well for in-house data servers are proving vulnerable on the cloud. A recent survey by Check Point Research found that three out of four corporate security professionals are still struggling to reconfigure their operations for this new paradigm.

Threadjacking Targets Remote Workers

The 2020 remote work transformation compelled workers to use their home computers for connecting with their employers’ networks. These employees then became prime marks for a sophisticated malware scheme known as threadjacking. By vacuuming up the victims’ emails, the malware enables cybercriminals to disguise phishing emails as replies to existing legitimate threads. Tricked into lowering their guards, the victims thus invite even more snooping malware to infect their computers. The result: Cyber-crooks swipe the users' login credentials and gain easy access to networks.

Software Developers Overhaul Their Approach

In traditional software development, security was the caboose on the code-writing train. With cybercriminals now using artificial intelligence, data analytics, and machine learning, this tradition is woefully inadequate. A new approach to software development infuses security into every stage of operations – DevSecOps. When fully implemented, DevSecOps should close off numerous vulnerabilities and reduce the frantic pace of software patches.

Evolving cyberattacks will continue to challenge the leadership skills of business owners. As you make the hard calls on cybersecurity budgeting and software deployment, take full advantage of the risk management counsel on offer from your insurance professional.

About Axis Insurance 

At Axis Insurance Services, we aim to help our customers identify their exposures and protect themselves. Founded in 1999, we offer insurance programs to professions and industries such as attorneys, real estate, healthcare, architects and more. We also have a wholesale division. We pride ourselves on offering flexible insurance coverage tailored specifically to each customer’s needs. To learn more about our solutions, contact us at (877) 787-5258 to speak with one of our professionals.

Cyber Scams, Cyber Liability Claim Scenarios

Recent Posts


See all