Skip to main content

The evolution of cyber attacker techniques

If cyber risk were constant, our defences could be too. But when it comes to cybercrime, the rules of engagement are ever-changing, with new threat groups and techniques constantly emerging. As a result, staying ahead of cyber threats requires ongoing education and continual updating of controls.

Recent cyber incidents described in this report demonstrate a shift in the way that cybercriminals are gaining and leveraging access to organisation’s systems and data.

We’re seeing faster lateral movement across IT systems when hackers gain access and the speed of ransomware deployment is increasing as hackers’ tools become smarter and more efficient. The time it takes cybercriminals to exploit publicly disclosed vulnerabilities in software systems is growing faster too. Organisations need to be ready, not just for today’s new reality but for whatever tomorrow will bring.

If we want to keep these emerging trends from becoming significant issues, it’s essential for companies not only to keep tabs on attack groups and their techniques, but also to maintain a cyber risk management approach that is flexible enough to respond as risks emerge and evolve. Organisations must not only have basic controls already in place, but also enough resources and capacity to quickly implement new controls as needed.

Beazley’s Cyber Services team is here to help, and in this quarter’s Cyber Services Snapshot, we take a deep dive into the latest social engineering techniques and criminal gangs that are the masterminds behind well-publicised cyber attacks. Read on to learn more.

Alec Cramsie
Head of London Market Wholesale Cyber Risks
London, UK

Quarterly data snapshot

What’s happening in the world of cyber incidents? View the latest trends in quarterly global claims data compiled from Q1 of 2021 through Q3 of this year.

"Cyber security really relies on employees as a first line of defense. And we're seeing evidence that cyber attackers are getting smarter about how they target and exploit them."

Frank Quinn
Client Experience Manager
New York, USA

Data presented in this cyber services snapshot is derived from global incidents reported to Beazley between Q1 2021 and Q3 2023. 

The information set forth in this document is intended as general risk management information. It is made available with the understanding that Beazley does not render legal services or advice. It should not be construed or relied upon as legal advice and is not intended as a substitute for consultation with counsel. Beazley has not examined and/ or had access to any particular circumstances, needs, contracts and/or operations of any party having access to this document. There may be specific issues under applicable law, or related to the particular circumstances of your contracts or operations, for which you may wish the assistance of counsel. Although reasonable care has been taken in preparing the information set forth in this document, Beazley accepts no responsibility for any errors it may contain or for any losses allegedly attributable to this information.