Orange Cyberdefense published its Cy-Xplorer 2023 report, which analyzed over 2,100 organizations globally that refused to pay the ransom and had their data leaked. The report, furthermore, notes that cyber extortion groups have shifted their focus from North America and Europe to Latin America, possibly due to Russia’s invasion of Ukraine.
Some stats your way
While cyber extortion victims were identified across 96 countries, certain regions witnessed a rise in popularity among threat actors throughout 2022.
The U.S. experienced a decline of 21% in the number of victims compared to the previous year. Similarly, Canada observed a decrease of 28%, Europe saw a decrease of 2%, and Australia/New Zealand witnessed an 11% decline in the volume of extortion victims.
In contrast, South East Asia encountered a significant surge of 42% in the number of extortion victims, while Latin America experienced a notable increase of 32% during the same period.
In 2022, 74% of extortion victims were from NATO countries. However, this count experienced a significant decline at the onset of the war in Ukraine and continued to decrease as the conflict progressed.
Overall, the total number of victims decreased by 8% in 2022. However, there has been a recent surge in victim count during the first quarter of 2023, indicating that threat actors are once again active and operational.
Coming on to victims
During 2022, the manufacturing sector experienced a significant decline of 39% in the number of victims, particularly noticeable during the latter half of the year. One probable factor contributing to this sharp decrease is the demise of the Conti group.
In contrast, the education sector encountered a substantial increase of 41% in victim counts compared to the previous year. Notably, the Vice Society group played a significant role.
The financial sector witnessed a rise in cyber extortion attacks, with an increase of 11%. Over 130 financial institutions fell victim to these attacks. It is noteworthy that 75% of all victims in this sector have fewer than 1,000 employees, thereby suggesting a higher risk among small- to mid-sized firms.
The bottom line
Due to the persistence of high-impact extortion attacks, governments across the globe are increasingly taking proactive measures against perpetrators. Although the growth of attacks showed signs of slowing down in 2022, the data from Q1 2023 indicates that it is not a time for complacency. Lately, several threat actors known for deploying ransomware have begun to skip encryption and instead move straight to data theft and extortion. Cyber extortion is a problem that businesses cannot effectively address in isolation, highlighting the significance of collective efforts.