Cyberattacks involving ransomware — in which criminals use malicious software to encrypt a users’ data and then extort money to unencrypt it — increased 50 percent in 2016, Verizon reports.
And criminals increasingly shifted from going after individuals to attacking organizations, the report said. Government organizations were the most frequent target of these ransomware attacks, followed by health care businesses and financial services, according to data from security company McAfee, which partnered with Verizon on the report published Thursday.
Instances of ransomware attacks have grown along with the market for bitcoin, the digital currency that is most commonly how cybercriminals demand ransoms.
While overall most malware was delivered through infected websites, increasingly criminals were turning to phishing — using fraudulent emails designed to get a user to download attachments or click on links to websites that are infected with malware — to carry out attacks. A fifth of all malware raids began with a phishing email in 2016, while fewer than 1 in 10 did the year before, according to the report.
“These emails are often targeted at specific job functions, such as HR and accounting — whose employees are most likely to open attachments or click on links — or even specific individuals,” the report said.
Whereas in the past most ransomware simply encrypted the data on the device where it was first opened, Marc Spitler, a Verizon security researcher, said criminal gangs were increasingly using more sophisticated hacking techniques, seeking out business critical systems and encrypting entire data servers. “There is increased sophisticated surveillance and targeting of organizations to maximize profit,” he said.
Criminal gangs were behind the majority of all cybersecurity breaches, Verizon said, with financial services firms the most common victims, accounting for about a quarter of all attacks.
But espionage — whether that was by foreign governments or unknown entities — was on the rise, Verizon said, accounting for 21 percent of all breaches in 2016 up from less than 10 percent in 2010. Besides governments, manufacturing firms were the most likely to be targeted in espionage-motivated attacks, the report said.