Malicious parties are changing their focus from North America to regions like Europe, Asia, and South Africa when it comes to Cyber Extortion.<\/p>\n
This is one of the most fascinating findings from the ground-breaking Security Navigator report published by Orange Cyberdefense in December 2022.<\/p>\n
\u201cThis could be because the US has increased its pressure on cyber criminals \u2013 and new markets present a less-risky opportunity for threat actors\u201d explains Charl van der Walt, Head of Security Research at Orange Cyberdefense and the lead author of the report.<\/p>\n
“Large, English-speaking countries have always been the most impacted by Cyber Extortion. This is primarily because of the size of their economies. The bigger the economy, the more businesses, the more potential victims, the more compromised victims.”<\/p>\n
“This however started changing in 2021 and has continued to do so throughout 2022.”<\/p>\n
“We observed a drop in US based volumes of 8% in the last 12 months, and a notable drop of 32% for victims in Canada.”<\/p>\n
“The location of victims seems to be shifting \u2013 from the US and Canada, through the UK and Western Europe, and toward the rest of the world, including South Africa.”<\/p>\n
“The EU and the UK saw their cyber extortion victims grow by 18% and 21%. The most significant growth, however, can be seen in Africa (+50%), the Middle East (+79%) and South Asia (+100%).\u201d<\/p>\n
This, he says, may be due to the high level of attention attacks against businesses in the US have attracted from Intelligence Agencies, Regulators and Law Enforcement and may be causing actors to \u2018hold back\u2019 on compromising or extorting victims in the USA, Canada and the UK.<\/p>\n
\u201cSome countries may therefore be able to manage the flow of victims in their backyards, but to the extent that they succeed, we anticipate the crime will only spill over to other, smaller and non-anglophone countries.\u201d<\/p>\n
\u201cWe use the term Cyber Extortion as a more accurate description of the crime than ransomware. \u2018Ransomware\u2019 refers to a form of malware sometimes used to underpin this kind of crime, not the form of the crime itself. The crime in question doesn\u2019t depend on this kind of malware either.”<\/p>\n
“Given this shift away from malware to simple data theft or denial of service (DoS), the use of the term ransomware doesn\u2019t cover the actual crimes being committed, from access to computers, theft of data and ultimately, some kind of extortion.\u201d clarified Charl van der Walt.<\/p>\n
Van der Walt will be sharing his observations and insights into the global threat landscape in an exclusive webinar unpacking the report on Feb 1st<\/sup>.<\/p>\n