The nature of cyber threats is changing fast. While ransomware often rules the headlines, cybercriminals such as Silent Ransom Group (also known as Luna Moth or DragonForce) are increasingly taking the stealthier route of stealing sensitive data and using it as leverage. Instead of encrypting systems, the intent is to threaten leaking confidential files unless a ransom is paid. These attacks often fly under the radar, making them harder to spot and even harder to stop.
So how can today’s businesses stay ahead? This shift in tactics means cyber risk looks very different than it did a few years ago. It’s not just about locking systems and causing downtime. Attackers are going after sensitive data, exploiting privacy concerns, regulatory obligations and reputational vulnerabilities. That’s why it’s so important to understand how these threats are evolving, so we can help clients stay protected in a rapidly changing landscape.
New tactics: How these attacks work
Today’s cybercriminals aren’t breaking down the digital front door; they’re walking in through the front desk. Many cyber attacks now begin with sophisticated social engineering techniques, like fake subscription emails or phone calls from someone pretending to be internal IT. The goal is to trick an employee into handing over access, highlighting why human error continues to be a key vulnerability.
Once inside, cybercriminals use legitimate remote tools like AnyDesk or QuickAssist to bypass antivirus software and leave few traces behind. From there, it’s a short step to stealing sensitive data and using it as leverage, with the added risk of regulatory penalties and reputational fallout if that data is exposed.
What makes these attacks especially dangerous is how little access the cybercriminals need to do damage. Even low-level user credentials can open the door to data theft and extortion, meaning attacks are scalable and effective.
A broad target: Why all businesses need to take prevention steps
Today’s cyber attack tactics are being used against a wide range of businesses across digital healthcare, manufacturing, technology, finance and professional services. If an organization holds data, it’s a potential target.
For an effective defense, preparation is everything. That starts with simple risk mitigation steps: training employees to spot social engineering tactics like phishing and IT impersonation, and regularly reviewing access controls to limit unnecessary user privileges. We also recommend promoting the use of strong, unique passwords across all accounts, combined with multi-factor authentication (MFA) to help prevent unauthorized access. Beyond password hygiene, businesses monitor for unauthorized remote access tools and unusual outbound network traffic. Find a list of recommended actions in our advisory.
But technology and awareness alone aren’t always enough. It takes a combination of secure systems, user education, effective incident response and proactive prevention. That’s where cyber insurance comes in.
Next steps: Proactive prevention and a vital safety net
Today’s data theft and extortion tactics are designed to stay invisible. Spotting them, let alone shutting them down, takes specialist skills, technical expertise and round-the-clock vigilance. That’s something few businesses can afford.
But the right cyber insurance partner can make all the difference. With a CFC cyber policy, you don’t just get peace of mind from our robust coverage. You get access to expertise that helps prevent attacks from happening in the first place. Proactive prevention services like continuous threat monitoring, vulnerability scanning and threat intelligence can play a key role in minimizing the risk of an incident. And if an incident does occur, our incident response and claims service can help minimize impact and get you back up and running. Best of all, it all comes as part of every CFC cyber policy.
At CFC, our specialist proactive cyber team is actively tracking this evolving threat. If we detect any malicious activity that could impact your business, we’ll reach out directly via the Response app. The app also includes a phishing simulation tool, built to help raise employee awareness and strengthen your defences against these types of social engineering attacks.
Discover how this emerging threat is evolving, what CFC is doing to help protect insureds and practical steps businesses can take to strengthen cyber resilience in our advisory.
