Cy-Xplorer - The report on cyber extortion

Your companion for traversing the cyber extortion threat landscape.

Whilst commonly referred to as Ransomware, we define “Cyber Extortion” (Cy-X) as a form of computer crime in which the security of a digital asset (Confidentiality, Integrity, or Availability) is compromised and exploited in a threat of some form to extort payment.

Astonishing key facts from the report:

The problem continues to grow: The number of observable victims has grown 77% over the past 12 months, with 60 distinct threat actors responsible for 4,374 victims over that period.
The problem is bigger than we think: Our analysis of the data emerging from recent Law Enforcement efforts against Cy-X operations suggests that the actual number of victims is at least 50% higher than the observable incidents we have recorded thus far.
The problem is universal: We assess that 75% of all countries in the world have had businesses directly impacted by Cy-X since 2020. We have also recorded victims in each of the 20 industries classified by the North American Industry Classification System (NAICS). Businesses of every size are also impacted. Small businesses are impacted by Cy-X 4.2x more often than medium and large businesses combined

The annual review of cyber extortion evolution.

Orange Cyberdefense has been observing the threat of Cy-X since the beginning of 2020. Since then, we have built a rich dataset of the victims that have fallen to Cy-X attacks. Our data includes details of over 11,200 victims. Combined with technical insight provided by our CERT and CSIRT teams in the field, the data in this report provides unique insight into the scale, scope, nature, and probable trajectory of the Cy-X threat.

Download our Cy-Xplorer 2024 report to learn more.