Criminals use encryption, data theft, harassment, and DDoS attacks to extort their victims.
Ransomware and extortion trends.
Palo Alto Networks’ Unit 42 has published its 2023 Ransomware Threat Report, finding that threat actors have significantly escalated their extortion tactics.
Data theft extortion on the rise.
By late 2022, threat actors were conducting data theft in 70% of ransomware attacks, compared to 40% in 2021. Additionally, the use of harassment as an extortion tactic rose from less than 1% in 2021 to 20% in 2022:
“Threat actors call and leave voicemails for corporate executive leaders and other employees, send emails to personnel, or disclose victims’ identities on a leak site or social media. The purpose of these activities is to make it uncomfortable for an organization to avoid responding to the threat actors and their demands.”
Manufacturing industry in the crosshairs.
Manufacturing organizations, particularly in the US, were the most frequent targets for extortion attacks last year:
“Based on our analysis of dark web leak sites, manufacturing was the most targeted industry in 2022, with 447 compromised organizations publicly exposed on leak sites. Unit 42 believes this is due to the prevalence of systems used by this industry running on out-of-date software that isn’t regularly or easily updated or patched—not to mention the industry’s low tolerance for downtime.
“Organizations based in the United States were most severely affected, according to leak site data, accounting for 42% of the observed leaks in 2022.”