Orange says 2023 has been a record year for cyber extortion

This is according to Orange Cyberdefense's latest annual Security Navigator report. It documents and analyses cyber attacks, providing insight into the evolving threat landscape.

Large enterprises employing more than 10,000 are targeted more than most, representing 40% of cyber extortion victims. Orange said ransomware group Cl0p – which this year made headlines after it exploited a vulnerability in file transfer software called MOVEit – single-handedly exacerbated this particular trend.

While large organisations are the single biggest group, small and medium organisations together comprise almost half of all victims, representing 25% and 23% respectively.

According to Orange, the overall number of attempted cyberattacks this year reached 129,395, a 30% increase on 2022. Of those attempts, 25,076 were successful, which happily equates to a 14% year-on-year decline.

Hacking – which leads to issues like cyber extortion – remains the most popular activity among cyber criminals, accounting for 30.3% of confirmed incidents. This is followed by misuse of organisational resources (16%) and installing malware (13%).

In terms of industry sectors, manufacturing continues to be the most frequent victim, accounting for 32.4% of confirmed incidents, followed by retail trade (21.7%) and professional, scientific and technological services (9.8%) – see chart below.

Meanwhile, hacktivism, which has been a growing phenomenon over the past two years, has continued its rise – driven primarily by the war in Ukraine – reaching record levels this year, said Orange. Europe was by far the biggest victim, accounting for 85% of hacktivist attacks in 2023, followed by North America (7%) and the Middle East (3%). The most frequently attacked countries are those neighbouring Ukraine.

"Most of the hacktivist attacks that we are observing are Distributed-Denial-of-Service (DDoS) attacks," said Orange. "Some hacktivist groups have developed strong DDoS capabilities, while others are noisy about their capabilities and impact, applying a language and narrative that is disproportional to their actual action (and impact)."

This, says Orange, represents a new tactic by attackers, one that it calls 'cognitive' attacks. The impact has less to do with disrupting systems or stealing valuable data, and more to do with causing reputational damage and spreading anxiety and fear among a population.

"This year's report underlines the unpredictable environment we face today, and we see our teams working harder than ever as the number of detected incidents continues to increase," said Hugues Foulon, CEO, Orange Cyberdefense.

"Together, with our customers, we are pursuing an unwavering policy of awareness and support for our increasingly interconnected world," he continued. "We are adapting to new technologies and preparing for new threat actors by continuing to anticipate, detect, and contain attacks when they emerge."

While it's good to see a decline in the number of successful attacks, the overarching message from the report seems to be – somewhat depressingly – that fending off increasingly-resourceful hackers is just part and parcel of doing business.