Steady Increase in Extortion Activity Despite Law Enforcement Efforts
In the first half of 2024, there was a steady increase in the activity of extortion groups, despite the significant efforts of law enforcement agencies to suppress them. According to data from Unit 42, the number of new publications on data compromise reached 1,762, averaging 294 posts per month. This data confirms the high level of threat posed by extortionists, even with successful operations against some groups.
Distinct Extortion Groups and Sectors Affected
Six groups, such as Ambitious Scorpius and Flighty Scorpius, accounted for more than half of all recorded incidents. Although some groups reduced their activity due to law enforcement intervention, new threats emerged to take their place. Sectors most affected by extortion programs in the first half of 2024 were production, health, and construction. The production sector was the most vulnerable, accounting for 16.4% of all attacks, followed by health care at 9.6% and construction at 9.4%.
Global Impact of Extortion Programs
The United States had the largest number of extortion victims, representing 52% of all incidents. Other countries in the top ten most affected included Canada, Great Britain, Germany, Italy, France, Spain, Brazil, Australia, and Belgium.
Reasons Behind Extortionists’ Activity
Analysts attribute the increase in extortion activity in 2024 to the exploitation of recently identified vulnerabilities. Cybercriminals are actively exploiting opportunities to penetrate victims’ systems and move laterally within hacking systems.
Ongoing Threats and Law Enforcement Efforts
While law enforcement agencies conducted successful operations leading to arrests and infrastructure removal of key extortion groups in the first half of 2024, threats continue to evolve. New groups like Sporpius and Slippery Scorpius are filling the void left by the dismantling of older groups. This underscores the importance of continuous monitoring and updating protection measures against extortion threats.