Select your country

Not finding what you are looking for, select your country from our regional selector:


Cyber extortion spares no one: here’s what you need to act now

The cyber threat landscape is more complex than ever, with technologies like Generative AI increasing risks. Without managed threat detection and intelligence, your business remains vulnerable to cyber extortion. The impact can be devastating, and it’s only a matter of time before disaster strikes.

In March 2024, Belgian brewery Duvel-Moortgat was hit by a cyber-attack, causing a complete halt in production. To prevent a “national emergency”, the brewery promptly communicated that it had a large stock of beer to rely on. More recently, a cyber-attack on the UK’s National Health Service (NHS) led to a genuine national emergency as the health organization had to postpone thousands of surgeries in multiple London hospitals.

Unfortunately, these examples are no exception. Around the world, similar cyber-attacks have a significant impact on companies and society at large. According to Orange Cyberdefense’s recently published Cy-Xplorer 2024 report, cyber extortion (Cy-X) remains the most prominent form of cyber-attack. Ransomware is probably a more familiar term, referring to malicious software used to infect systems. Cyber extortion describes the crime committed with ransomware as threat actors steal and threaten to release data on dark web leak sites unless the victim pays a ransom - which is something we advise against as it helps to sustain the cyber extortion ecosystem.

Small businesses impacted four times more often

One of the most striking results in the report is the fact that small businesses are now impacted four times more often than their larger counterparts. While targeted attacks focus on bigger, more valuable organizations, Cy-X mainly hits smaller companies that lack the resources of large enterprises. This shift demonstrates that cyber-attackers are becoming more opportunistic in their approach. They prefer to attack the weakest link and exploit critical vulnerabilities, making as many victims as possible. In other words, your business could easily be next.

To underscore the urgency of this problem, here are some additional statistics on Cy-X from our report. Over the past twelve months, there has been a 77% year-over-year growth in the number of identified victims of cyber extortion. In the first quarter of 2024 alone, we recorded 1,046 victims. These figures are the result of careful screening of leak sites on the dark web by our investigators. Because they appear on leak sites, most victims have probably declined to pay the ransom, while those who did pay are not on the radar. According to our analysis, the actual number of victims is likely to be 50 to 60% higher.

Meanwhile, the moral boundaries of cyber-attackers are also expanding. When the pandemic began four years ago, one of the most prominent ransomware families, Maze, declared that they would not target hospitals or other essential organizations. Recent attacks on the NHS and many other healthcare victims prove that something has changed. In fact, our research shows that health and social assistance is now the third most targeted industry, with a 160% growth. Manufacturing remains the most popular target.

AI, a new driver for worse?

Unfortunately, being hit once does not mean your business can relax. On the contrary, our Cy-Xplorer report reveals a worrying trend of organizations being attacked multiple times. We have observed more than 200 occurrences of “revictimization” – 39 in early 2024. Some victims have been published two or even three times on dedicated leak sites by multiple threat actors.

Geographically, cyber extortion mostly targets English-speaking regions, with the biggest increase in the United States, the United Kingdom, Canada, and Europe. The economic size of the country and the native language are two key factors in this trend. However, this may soon change as artificial intelligence (AI) and generative AI (GenAI) enter the scene. Although our data does not yet reveal a significant impact of GenAI on cyber extortion, we should expect it to further expand the scope of cybercrime, targeting more businesses and producing more realistic phishing attacks.

AI is making social engineering more effective, fooling even trained individuals with incredibly sophisticated phishing attempts. Additionally, AI is an important driver behind the growing attack surface. As your organization is expanding its use of AI applications, you need to integrate your security measures accordingly. Fortunately, hackers are not the only ones benefiting from AI. At Orange Cyberdefense, we use the technology to help customers detect and analyze suspicious behavior, providing a deeper understanding of the threat landscape.

Cyber Experience Center

What can you do to deal with this expanding threat landscape? Are you certain that your business is resilient in the event of a cyber-attack? CISOs are often struggling with this task as they need to do more with less resources. In many organizations, cybersecurity is still not getting the attention it deserves. Preparing for a cyber crisis should be as common as preparing for a potential fire. You need a plan and a team with people who are accountable to take decisions in such a scenario.

One critical question you must ask is: how long can my business continue without new income? Or: how long does it take before you go bankrupt as a cyber-attack persists? The damage can be devastating, ranging from the loss of customers and declining brand value to fines and reduced competitive advantage. Cyber extortion encompasses more than just the ransom demanded by attackers. Like a fire, it can leave your business in ruins unless you have the means to quickly contain and extinguish the source of the fire.

Obviously, you do not want to learn this the hard way. To help the board members of companies grasp the impact of cyber extortion, Orange Cyberdefense developed a unique Cyber Experience Center in its office in Antwerp and in Paris. Think of it as an extensive fire drill where we simulate a cyber-attack on your company. What questions do you need to ask in this scenario? And even more importantly, what answers should already be available when disaster strikes? As you learn from our expert, the clock in the experience center ticks mercilessly – and your losses continue to increase.

The Cyber Experience Center has opened the eyes of hundreds of board members who have since decided to invest in robust security. At Orange Cyberdefense, we consider it our mission to make companies aware of emerging threats through training, detection and risk analysis. With over 3,000 multi-disciplined experts across the globe and certifications in several countries, we are on top of everything that happens in the cyber world.

Ready to strengthen your defenses against cyber extortion? Read our Cy-Xplorer 2024 report and contact us if you want to visit our Cyber Experience Center.

Incident Response Hotline

Facing cyber incidents right now?

Contact our 24/7/365 world wide service incident response hotline.