Cyber extortion remains a top threat, but its geographical reach is shifting, Orange Cyberdefense (OCD) found in the Security Navigator 2023, the latest edition of its annual report on the threat landscape, released on December 1, 2022.
The report shows that cyber extortion, a category designated ‘Cy-X’ by OCD represents the compromise of some assets from a corporate network for ransom and includes ransomware, ranks as the number one type of cyberattack.
Such attacks accounted for a large majority of the 29,291 incidents the report was able to confirm, Charl van der Walt, head of OCD’s Security Research Center and lead author of the report, told Infosecurity.
Cyber Extortion Surges in China
However, Van der Walt’s team saw a significant geographic shift in victims of cyber extortion.
“Large English-speaking countries have always been the most impacted by cyber extortion, primarily because of the size of their economy and the easy access their businesses offer to cyber-criminals,” Van der Walt recalled.
“More generally, we are convinced that victims’ geographics tracks GDP, with the exception of India, China and Japan due to language and cultural ‘barriers’,” he added.
While seven of the 10 countries with the most victims of extortion in the Security Navigator 2023 aligned with the world’s largest economies, many regions outside of the English-speaking regions are now being hit.
OCD reported US-based Cy-X volumes down 8% in the last 12 months and down 32% in Canada. The EU and the UK continued to see their cyber extortion victims grow by 18% and 21%.
The most significant growth, however, can be seen in Africa (+50%), the Middle East (+79%) and South Asia (+100%). China alone saw an increase of 182% in victims of Cy-X between 2021 and 2022.
Businesses’ Security Seems to Be Getting Better
The report also found that overall cyber incidents increased by 5% globally between 2021 and 2022. “This good news, as last year’s increase was higher (+13%),” Hugues Foulon, OCD’s CEO, stated during the launching event in Lyon on November 25, 2022.
According to Van der Walt, “it means that, by some measures, our clients' security seems to be getting better.”
The researcher claimed that this improvement can largely be attributed to “enhanced penetration testing and the growth in and increased sophistication of security tools such as endpoint detection and response (EDR) solutions.”
"We're not saying there is less activity, but less drama for the clients."Charl van der Walt, head of security research, Orange Cyberdefense
This year’s report shows that of 99,506 potential cybersecurity incidents, 29,291 were confirmed. “This represents a decrease of 17.7% of confirmed cyber incidents compared with 2021’s data, which means that, for the same amount of spend, the client is now dealing with more precise, more specific things and less low signals," Van der Walt said.
“We're not saying there is less activity, but less drama for the clients,” he added.
Manufacturing Remains the Most Impacted Industry
Other findings of the report show that phishing continues to be the number one vector of compromise and malware the leading corruption tool, accounting for 40% of cyber incidents – and up to 43% for large companies and 49% for SMEs.
Similarly, the manufacturing industry remains the most impacted sector in terms of victim count.
This ranking is especially worrying, “given that manufacturing is a relatively small industry,” Van der Walt noted.
“This could be because industrial businesses are more targeted but also because they are not paying as much as other sectors, which entices threat actors to publish the hacks. We only see the information that either party wants to share – not the negotiations behind closed doors,” he added.