Australia leads Asia Pacific in cyber extortion attacks

New research by Orange Cyberdefense has identified Australia as the most affected country by cyber extortion attacks in the Asia Pacific region, accounting for 22.2% of victims.

Orange Cyberdefense's Security Navigator 2025 report offers a detailed analysis of global cybersecurity threats, which have been influenced by geopolitical tensions and increasingly sophisticated threat actors. A notable finding from the report is the dual role of AI, which is enhancing threat detection but is also being exploited to create convincing phishing attacks and deepfakes.

The report highlights a 53% year-on-year increase in cyber extortion incidents impacting small businesses worldwide, with medium-sized businesses showing a comparable rise of 52%. The Health Care and Social Assistance sector was the fourth most impacted industry, showing a 50% increase in attacks from the previous year. Manufacturing, Professional, Scientific and Technical Services, and Wholesale Trade also saw notable increases in cyber extortion attacks, at 25%, 20%, and 65%, respectively.

Hacktivists have increasingly targeted operational technology systems critical to infrastructure in several sectors, including manufacturing and healthcare. Nearly 23% of these attacks were aimed at operational technology, illustrating a shift in focus by hacktivists to more sophisticated levels of disruption.

The report identifies Europe as the primary target for hacktivism, with many attacks intended to manipulate public perception instead of causing direct technical disruptions. One pro-Russian hacktivist group has launched over 6,600 attacks since March 2022, with 96% targeting European countries.

In remarks about the global cybersecurity landscape, Hugues Foulon, CEO of Orange Cyberdefense, said, "Cyber threats have become a critical barometer for anticipating global geopolitical tensions. The insights generated by our cyber teams provide a fresh and robust perspective on international disruptions and their operational impacts on society." He added, "The Security Navigator 2025 underscores an urgent need for coordinated defensive strategies across Europe and beyond, including enhanced incident response measures, strengthened OT protections, and proactive monitoring of public channels to counter the unique blend of cyber extortion, hacktivism, and cognitive warfare facing European organizations."

The report also focuses on the impact of cyber extortion on small and medium businesses, which now represent over two-thirds of all observed cyber extortion victims. The threat to these businesses is compounded by the risk of 'revictimization,' where stolen data is leveraged for successive extortion attempts, adding financial and psychological strain.

Security Navigator 2025 argues that traditional vulnerability management strategies are outdated, especially for smaller businesses that face a deluge of security vulnerabilities. This situation diverts resources away from preventive measures that could thwart successful attacks.

AI's double-edged nature in cybersecurity is further elaborated in the report. While AI aids in detecting elusive threats and has improved detection rates by up to 30%, vulnerabilities within GenAI solutions pose significant risks. Charl van der Walt, Head of Security Research, commented on the evolving threat landscape, stating, "The story in this year's report is far bigger than statistics and technical details. It shines a light on a growing cynicism in the threat landscape as different threat actors seem less concerned about the potential of causing harm, and may even be more intent on inflicting it than ever before."