The geopolitics of cyber extortion: analysis and implications according to Orange Cyberdefense

Cyber threats, especially cyber extortion attacks, have become increasingly common in recent years, putting organizations of all sizes and industries at risk. This is the finding of Orange Cyberdefense, which analyzed the data relating to 6,707 companies confirmed victims. Despite an 8% drop in cyber extortion victims in 2022, this trend was short lived, as the most recent data shows record volumes in the first quarter of 2023. The year 2022 was marked by several strategic shifts for major cyber-extortion operations, with significant geographic variation in attacks.

New theaters of cyber warfare and the influence of geopolitics

The report noted a considerable increase in attacks (42%) in Southeast Asia, most affecting Indonesia, Singapore, Thailand, the Philippines and Malaysia, while there was a reduction in regions such as North America and Europe. Threat actors have had to seek new hunting grounds in response to the active reaction of large Western countries. Also, there has been a noticeable influence of the geopolitical situation, such as the war in Ukraine, on the cyber extortion schemes. Contrary to expectations, attacks on NATO member states have decreased significantly as the conflict has progressed.

Sectoral and dimensional variations of victims of cyber extortion

While an increase in victimized organizations in NATO member states was expected, just the opposite was observed. Non-NATO countries, such as those in Latin America (+32%) and Southeast Asia, have seen an increase in casualties. In 2022, the manufacturing sector was the hardest hit, accounting for a fifth of all fatalities, but suffered a 39% decrease. Instead, the education and utilities sectors suffered the most, with an increase of 41% and 51% respectively. When it comes to company size, in 2022, large organizations were the hardest hit (36%), but small and medium-sized businesses weren't far behind.

Global response to cyber threats and hopes for the future

In the face of these high-impact attacks, governments around the world are starting to fight back. Some have barred companies from paying ransoms when demanded, while others have issued official statements condemning foreign threat actors. Despite the delay, law enforcement is catching up, increasingly disrupting the activities of threat actors. According to Hugues Foulon, CEO of Orange Cyberdefense, despite an increase in casualties in the first quarter of 2023, there is hope that continued efforts to combat the threat of cyber extortion could lead to more positive results this year. Charl van der Walt, Head of Security Research at Orange Cyberdefense, stressed the importance of public-private sector collaboration to effectively fight this type of crime.