A Sound Approach to Supply Chain and Double Extortion Risks

by Claud Bilbao | Apr 10, 2026 | Cowbell Australia

The cyber landscape is shifting. The days of “simple” ransomware attacks (where a hacker locks a screen and demands a payout) are fading, but for seasoned brokers and underwriters, this is simply the signal to adapt. At Cowbell, we are big believers that better intelligence leads to better decisions, and we recently looked into the threats specifically targeting small to medium-sized (SMB) insurance organisations.

Here is some clarity on the three trends shaping our market right now.

From Encryption to “Double Extortion”

We can see a shift in tactics from ransomware groups like Medusa, 8Base, and RansomHub. Rather than simply locking data, these actors are increasingly exfiltrating it.

For clients, this changes the nature of recovery. It is no longer only about restoring operations. It is about protecting confidential information and managing the impact if that data is exposed. Incidents involving firms like R.H. Clarkson Insurance Group, where more than 100GB of sensitive data was reportedly taken, and Young Consulting, which saw approximately one million individuals affected, reinforce a clear reality. Sensitive data has become the primary target.

This is why precision matters. Effective cyber protection means securing data itself, not just getting systems back online.

Clarity on Supply Chain Risks and Evolving Extortion

For a long time, the threat was primarily operational: a criminal encrypted your files, and you paid to get the key. But in the UK, businesses have become more resilient. By adopting offline and immutable backups, organisations removed the criminals’ leverage – if you can restore your systems yourself, there is no need to pay the ransom.

As payouts dropped, threat actors were forced to evolve. They have moved from locking you out to locking you in a regulatory nightmare.

Today, the primary weapon isn’t just encryption; it is data exfiltration. Criminals are stealing sensitive data before triggering an attack, knowing that while backups can restore your operations, they cannot undo a data breach. This shift moves the pressure point from business interruption to privacy liability, reputational damage, and regulatory scrutiny under the GDPR.

What this means for your clients:

  • Resilience is more than recovery: Being able to restore servers is excellent, but it is no longer a “get out of jail free” card if sensitive data has been stolen.
  • The supply chain is the new backdoor: Attackers are increasingly targeting smaller, less secure vendors in a supply chain to access these larger data pools.
  • Protection must evolve: We need to ensure clients aren’t just prepared to recover, but are actively monitoring data movement and securing the perimeter to prevent the theft in the first place.

This isn’t about fear; it’s about the economics of crime. As businesses get smarter, criminals get desperate. Our job is to help you stay one step ahead of their next pivot.

“You cannot effectively protect a modern business using static data alone. A vendor’s vulnerability can quickly become the insured’s challenge, which is why tools – such as Cowbell Factors – provide a precise view of risk that includes the supply chain. We use AI to bring these hidden dependencies to the surface, giving brokers and policyholders the confidence that their coverage is tuned to their actual reality.” 

– Rajeev Gupta, Co-founder and Chief Product Officer, Cowbell

The Human Element: Staying Ahead of Social Engineering

Finally, we noticed a rise in sophisticated “vishing” (voice phishing) and in campaigns like StrelaStealer targeting our sector. With the help of AI, these attempts are becoming more convincing. However, this isn’t cause for alarm; it’s a reason to have better tools. While threats evolve, so too must our ability to manage them.

A Partnership Built on Resilience

For brokers, this intelligence is an opportunity to strengthen your client partnerships. We don’t add to the noise; we help you make sense of it. We urge you to use these findings to have practical, focused conversations with your clients about their vendors and authentication protocols.

By combining the market expertise of our underwriting teams with the clarity of Cowbell Factors™, we deliver the quiet assurance that comes from systems designed to make you stronger. 

Claud Bilbao

RVP, Underwriting & Distribution UK

Claud Bilbao is Cowbell’s RVP and Underwriting & Distribution Director for the UK and Australia. He most recently served as a Senior Underwriter at CNA, where he managed the London Specialty Cyber and Technology portfolios on both their Company and Lloyd’s platforms.
