A new levelling of the physical and cyber battlefields, and hacktivism as a political tool are among the findings by the cyber firm Orange Cyberdefense, an arm of telecoms firm Orange. It’s launched its annual security research report, the Security Navigator 2024..
During 2023, the researchers found 25 cyber extortion groups had disappeared from 2022, 23 had survived from the previous year and there were 31 new groups we had never seen before. Of the Cyber Extortion groups that existed, over half (54pc) had a life span of up to six months, 21p cseven to 12 months and 10pc of all groups made it to the age of 13 to 18 months. For the researchers, this highlights the challenges faced by those attempting to disrupt a cyber extortion operation.
Over the past two years, there has been an evident increase of activity in the hacktivism space to support causes of a political or social nature. The report found attacks from hacktivist groups involved in the war against Ukraine, siding with Russia or Ukraine, have reached record-high levels. Ukraine, Poland and Sweden are the most impacted by the pro-Russian hacktivists tracked. This upwards trend is being exacerbated further by other geopolitical events which have sparked the creation of new groups, most recently spawned by the latest Hamas-Israel war in the Middle East.
Europe was impacted by most, 85pc of all hacktivist attacks seen in 2023, followed by North America (7pc) and the Middle East (3pc). Most of the over-attacked countries are geographically relatively close to the war against Ukraine.
The research has shown a continuous evolution towards ‘cognitive’ attacks, which seek to shape perception through technical activity. The impact has less to do with the disruptive effect of the attack or the value of the data or systems that are affected (such as stolen, leaked or destroyed) but with the impact that these attacks will have on societal perception. Not only do we witness cyber events that impact the physical world; we also observe physical events that illicit a direct cyber response from threat actors, thus in turn causing an escalation of those very same geopolitical tensions, the firm said.
Most of the hacktivist attacks observed are Distributed-Denial-of-Service (DDoS) attacks. Some hacktivist groups have developed strong DDoS capabilities, while others are noisy about their capabilities and impact, applying a language and narrative that is disproportional to their actual action (and impact).
Comment
Hugues Foulon, CEO, Orange Cyberdefense said: “This year’s report underlines the unpredictable environment we face today, and we see our teams working harder than ever as the number of detected incidents continues to increase (+30pc YOY). Whilst we are seeing a surge in the number of large businesses impacted by Cyber Extortion (40pc), small and medium businesses together are making up nearly half of all victims (48pc).
“Together, with our customers, we are pursuing an unwavering policy of awareness and support for our increasingly interconnected world. We are adapting to new technologies and preparing for new threat actors by continuing to anticipate, detect and contain attacks when they emerge.”
The firm has some 18 SOCs and 14 CyberSOCs.
