Cyber extortion gangs may have been affected by Russia’s invasion of Ukraine in 2022, shifting their focus from North America and Europe to Latin America and Asia, according to Orange CyberDefense.
Compiled by a security vendor Rhinoceros Explorer 2023 The report analyzes more than 2,100 organizations around the world that were publicly humiliated as victims of cyber-extortion last year, refusing to pay ransoms and posting on leaked sites.
For more information on ransomware trends, see 94% reduction in time to deploy ransomware.
Victims spanned 96 countries, but in some regions it grew in popularity among threat actors into 2022.
In 2022, the number of victims in the United States will decrease by 21% from the previous year, Canada by 28%, Europe by 2%, and Australia/New Zealand by 11%. In contrast, in Southeast Asia he increased the number of extortion victims by 42%, and in Latin America he increased by 32%.
According to Orange Cyberdefense, while North America and Europe as a whole still have more victims than other regions, the trend may speak to shifting priorities.
This is due to several factors, including improved cyber defenses by Western companies, reduced government scrutiny of cyber extortion incidents in newly targeted regions, and potential geopolitical factors. It may be the result of factors.
As for the latter, Orange Cyberdefense said that 74% of all extortion victims in 2022 were from NATO member states, but this number “dropped significantly” at the start of the Ukraine war and declined as the war progressed. claimed to continue. Additionally, activity by pro-Russian threat actors did not result in a noticeable increase in victim numbers in NATO countries.
Orange also argued that the war had slowed down the extortion campaign overall, initially forcing the attackers to regroup before continuing their attacks. In fact, overall victim numbers fell by 8% in 2022, but the new surge in Q1 2023 indicates that threat actors are very active. increase.
“While 2022 saw a slowdown in attack growth, Q1 shows that it is not the time to be complacent. Our research shows that cooperation between industry and government is key to curbing malicious cyber activity,” argued Hugues Foulon, CEO of Orange Cyberdefense.
“While the true impact of geopolitical events such as the war in Ukraine in cyberspace is yet to be seen, increasing efforts put in place at the government level are needed to address the ever-present risks posed by threat actors. It is essential.”
