Cyber extortion sees huge rise — and small businesses are four times more likely to be hit
Cy-Explorer 2024 report finds small businesses could be hit the hardest by extortion
Cyber extortion remains the most prominent threat facing businesses of all sizes across all industries, a new report from Orange Cyberdefense has found.
The 2024 Cy-Explorer report worryingly uncovered that the number of victims of cyber extortion scams has grown by 77% year on year.
The research added small businesses are four times more likely to be impacted by cyber extortion than medium and large businesses.
Cyber extortion and the “dark number”
Hackers looking to apply pressure on a business that has suffered a ransomware attack may post snippets of the stolen data on dark web leak sites to apply additional pressure on the victim organization to pay up the ransom, or suffer the consequences.
In Q1 of 2024 alone, there were 1,046 organizations that were the victims of double-extortion. The actual figure for victims of ransomware attacks is likely to be much higher - known as the “dark number” - due to the stats on cyber extortion being gathered from observable data on dark web leak sites.
Hackers are increasingly targeting regions with strong economic growth and regions with shared languages, with attacks in the US, UK and Canada increasing 108%, 96% and 76% respectively. Europe also saw a 60% increase in cyber extortion.
All industries are at risk of being targeted, with the top three being manufacturing, professional, scientific, and technical services, and wholesale trade. The report points out that there has been a marked increase in attacks against health care and social assistance organizations, with Orange Cyberdefense stating that, “Threat Actors currently seem completely willing to compromise and extort healthcare institutions despite the societal implications and potential political consequences.”
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Moreover, victims of cyber extortion are repeatedly having their data posted on leak sites by different threat actors over long periods of time, as threat actors seek to increase pressure, inflict punishment on organizations that refuse to pay up, and to recoup financial investment by selling the stolen data. Some organizations had their data posted up to three times across different sites by multiple different threat groups.
Luckily for us, threat actors are predictable and stick with what works for them. Their tactics, techniques and procedures (TTPs) do not drastically change, and the vulnerabilities they exploit can be mitigated with patch management and vulnerability management. Orange Cyberdefense offers the following recommendations to protect against cyber extortion, ransomware and other general malware:
- Put in place a backup plan to keep the data most important to your organization safe, in an offline and/or offsite location. Plans for restoring backups should be tested regularly, and the backups themselves should be kept up to date with critical data.
- Ensure your devices use up-to-date software, especially if they are internet-facing, using a well-maintained asset register.
- Put in place a strong multi-factor authentication system to mitigate initial-access and lateral movement, and only provide users access to the systems they need to do their job.
More from TechRadar Pro
- These are the best endpoint protection tools around
- Average ransomware payment demands soars as criminals grow more confident
- Take a look at our guide to the best VPN with antivirus
Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division), then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.