Sponsored By

Orange says 2023 has been a record year for cyber extortion

The number of cyber extortion victims has jumped 46% this year, a new and unwelcome record.

Nick Wood

December 1, 2023

2 Min Read
hacker security

This is according to Orange Cyberdefense's latest annual Security Navigator report. It documents and analyses cyber attacks, providing insight into the evolving threat landscape.

Large enterprises employing more than 10,000 are targeted more than most, representing 40% of cyber extortion victims. Orange said ransomware group Cl0p – which this year made headlines after it exploited a vulnerability in file transfer software called MOVEit – single-handedly exacerbated this particular trend.

While large organisations are the single biggest group, small and medium organisations together comprise almost half of all victims, representing 25% and 23% respectively.

According to Orange, the overall number of attempted cyberattacks this year reached 129,395, a 30% increase on 2022. Of those attempts, 25,076 were successful, which happily equates to a 14% year-on-year decline.

Hacking – which leads to issues like cyber extortion – remains the most popular activity among cyber criminals, accounting for 30.3% of confirmed incidents. This is followed by misuse of organisational resources (16%) and installing malware (13%).

In terms of industry sectors, manufacturing continues to be the most frequent victim, accounting for 32.4% of confirmed incidents, followed by retail trade (21.7%) and professional, scientific and technological services (9.8%) – see chart below.

Orange_cyberdefense_pie_chart.jpg

Meanwhile, hacktivism, which has been a growing phenomenon over the past two years, has continued its rise – driven primarily by the war in Ukraine – reaching record levels this year, said Orange. Europe was by far the biggest victim, accounting for 85% of hacktivist attacks in 2023, followed by North America (7%) and the Middle East (3%). The most frequently attacked countries are those neighbouring Ukraine.

"Most of the hacktivist attacks that we are observing are Distributed-Denial-of-Service (DDoS) attacks," said Orange. "Some hacktivist groups have developed strong DDoS capabilities, while others are noisy about their capabilities and impact, applying a language and narrative that is disproportional to their actual action (and impact)."

This, says Orange, represents a new tactic by attackers, one that it calls 'cognitive' attacks. The impact has less to do with disrupting systems or stealing valuable data, and more to do with causing reputational damage and spreading anxiety and fear among a population.

"This year's report underlines the unpredictable environment we face today, and we see our teams working harder than ever as the number of detected incidents continues to increase," said Hugues Foulon, CEO, Orange Cyberdefense.

"Together, with our customers, we are pursuing an unwavering policy of awareness and support for our increasingly interconnected world," he continued. "We are adapting to new technologies and preparing for new threat actors by continuing to anticipate, detect, and contain attacks when they emerge."

While it's good to see a decline in the number of successful attacks, the overarching message from the report seems to be – somewhat depressingly – that fending off increasingly-resourceful hackers is just part and parcel of doing business.

About the Author(s)

Nick Wood

Nick is a freelancer who has covered the global telecoms industry for more than 15 years. Areas of expertise include operator strategies; M&As; and emerging technologies, among others. As a freelancer, Nick has contributed news and features for many well-known industry publications. Before that, he wrote daily news and regular features as deputy editor of Total Telecom. He has a first-class honours degree in journalism from the University of Westminster.

Get the latest news straight to your inbox.
Register for the Telecoms.com newsletter here.

You May Also Like