Technology

Cyber extortion attacks soar by 77% in 2024 amid evolving AI challenges

Friday, 18 April 2025 12:04AM UTC

A recent report reveals a 77% rise in cyber extortion victims globally this year, highlighting the growing threat across multiple industries. Experts warn AI presents both new risks and defence opportunities, urging organisations to prioritise fundamental security measures and employee training to combat evolving cyber threats effectively.

Cyber extortion attacks have seen a marked surge globally in 2024, with a recent report revealing a 77% increase in victims compared to the previous year. The cybersecurity landscape remains fraught with risk, as multiple industries, including manufacturing, healthcare, and professional services, report frequent targeting by cybercriminals. Despite the sophisticated nature of these attacks, experts advise that effective organisational security can be achieved through comprehensive yet straightforward measures rather than solely relying on emerging technologies.

Scott Walker and Stuart Kennedy, respectively the CSIRT Manager and Senior Security Analyst at Orange Cyberdefense, shed light on the current cyber threat environment and the potential role of artificial intelligence (AI) in both exacerbating and mitigating risks. “Generative AI is the technology topic de jour and has already proven to be a powerful tool for both bad actors and cybersecurity professionals,” they state. On one hand, malicious actors, including state-sponsored groups, have leveraged AI to develop more convincing phishing schemes using techniques such as voice emulation and deepfake technology. Conversely, cybersecurity teams benefit from AI’s ability to enhance threat detection, improve incident response times, and support risk management protocols.

Despite AI’s promise, experts caution against viewing it as a cure-all for cybersecurity challenges. The technology’s infancy, combined with nascent implementation frameworks, means many organisations are still grappling with integrating AI safely into their systems. “Many organisations have yet to get a handle on AI and where it sits within their technology infrastructure,” according to the report. There is a risk that AI applications, if improperly managed, could become attack vectors themselves. To this end, companies are encouraged to prioritise establishing a strong baseline of classical security practices before adopting AI-driven strategies, including clarifying the systems to which AI tools connect and training employees on their appropriate usage.

The human element remains a critical vulnerability in cybersecurity defence. The report highlights that 37% of cyber incidents originate internally, often linked to employee error or insider issues. Effective risk mitigation is therefore reliant on fostering a culture of security awareness across all levels of an organisation. This involves integrating continuous training programmes that educate staff, contractors, partners, and suppliers about recognising and responding to cyber extortion, social engineering, and other security threats. The authors acknowledge potential resistance to such initiatives but emphasise that “security leaders must clearly demonstrate the consequences of inadequate security measures and effectively communicate their security strategy across the organisation to secure employee buy-in in every function.”

Establishing realistic goals for cybersecurity success is also advocated, recognising that completely eliminating incidents is unlikely in the face of evolving threats. Instead, companies should focus on measurable objectives such as reducing incident numbers, improving the speed of detection and remediation, and enhancing resilience through efficient backup and recovery processes. Emphasis should be placed on safeguarding highly sensitive data by developing strategies that minimise unauthorised access risks.

Crucially, the report stresses that cybersecurity should not rely on technology in isolation. Achieving strong defences requires the alignment of people, processes, and technology. Over-reliance on technological solutions without maintaining rigorous educational standards and procedural discipline can leave organisations vulnerable to significant breaches. Adapting to the changing threat landscape demands continuous evolution in security approaches supported by well-informed personnel and robust processes.

This comprehensive analysis was shared as part of TechRadarPro’s Expert Insights series, featuring contributions from leading figures in the technology sector. The perspectives provided reflect those of the authors and do not necessarily represent the views of TechRadarPro or its parent company.

Source: Noah Wire Services

More on this

https://reliaquest.com/blog/ransomware-and-cyber-extortion-in-q4-2024/ - This article details the sharp increase in ransomware and cyber extortion incidents in 2024, noting the surge in the number of victims and the rise of many new ransomware groups, corroborating the claim of a 77% increase in ransomware victims and the targeting of multiple industries including manufacturing.
https://nordlayer.com/blog/cybersecurity-statistics-of-2024/ - This source supports the article's point about the frequent targeting of industries like healthcare and professional services by cybercriminals in 2024 and provides statistics on the rise of cyber warfare and ransomware, as well as the expanding role of AI in cybersecurity risks and defenses.
https://blog.checkpoint.com/research/a-closer-look-at-q3-2024-75-surge-in-cyber-attacks-worldwide/ - This report confirms a 75% surge in cyber attacks globally in Q3 2024, with detailed data on industry targets including manufacturing, healthcare, and professional services, supporting the article's claim about the rise in attacks and key industry impact.
https://www.nu.edu/blog/cybersecurity-statistics/ - This source provides insights into the integration challenges of AI in cybersecurity and highlights its dual use by both attackers and defenders, verifying claims regarding AI's risks and benefits in the cybersecurity landscape as discussed by Orange Cyberdefense experts.
https://riskandinsurance.com/businesses-report-increase-in-cyberattacks-in-2024/ - This article backs the claim that many organisations experience increased cyber extortion incidents and emphasizes the importance of classical security practices, security culture, and employee awareness programs in managing cyber risks, aligning with the report's emphasis on human factors and foundational security.

Noah Fact Check Pro

The draft above was created using the information available at the time the story first emerged. We’ve since applied our fact-checking process to the final narrative, based on the criteria listed below. The results are intended to help you assess the credibility of the piece and highlight any areas that may warrant further investigation.

Freshness check

Score: 9

Notes: The narrative discusses cyber extortion increases in 2024 and references current expert roles, indicating recent and relevant content. There is no indication of recycled or outdated material. The lack of indication that this is a press release limits the freshness score from a perfect 10, but the embedding in TechRadarPro's Expert Insights series suggests original, timely analysis.

Quotes check

Score: 8

Notes: Direct quotes from Scott Walker and Stuart Kennedy are provided but no original published source or date for these quotes was found online in the search results. This may indicate original commentary or first publication here, enhancing credibility, but lack of traceable, earlier attribution prevents a perfect score.

Source reliability

Score: 8

Notes: The narrative originates from TechRadarPro, a well-known technology news outlet with a solid reputation for expert contributions. While not among the very top tier global outlets like Reuters or BBC, TechRadarPro is generally reliable for technology and cybersecurity topics.

Plausability check

Score: 9

Notes: The claims about rising cyber extortion, AI's dual use in cyber threats and defence, and emphasis on fundamentals over latest AI tech align with current cybersecurity trends documented through early 2025. The advice and statistics appear plausible and consistent with industry knowledge, though some specifics (e.g., exact 77% increase) cannot be independently verified here.

Overall assessment

Verdict (FAIL, OPEN, PASS): PASS

Confidence (LOW, MEDIUM, HIGH): HIGH

Summary: The narrative is a recent, expert-informed discussion grounded in current 2024-2025 cybersecurity realities. It provides original expert quotes with no signs of recycled content, sourced from a reputable tech publication. The information is plausible and consistent with industry trends, warranting a high confidence reliability assessment.

cybersecurity
cyber extortion
artificial intelligence
cybercrime
risk management