Ransomware dominated the cyberthreat landscape in 2016, increasing more than 600% over 2015, according to a new report from PhishMe.
PhishMe analyzed more than 2,500 phishing attacks in 2016 to determine the tools and techniques most frequently used by cybercriminals. Ransomware including Locky, Creber, and TeslaCrypt grew rapidly, though other forms of malware designed to steal information also remained popular.
Ransomware tools were used in 90% of all collected malware payload URLs identified by PhishMe throughout 2016, leading to estimated losses of more than $1 billion, the report found. And, as delivery methods grew more sophisticated in Q4 2016, enterprises should expect ransomware attacks to continue to evolve this year, the report stated.
Despite this growth, a large portion of phishing attacks recorded in 2016 came through older malware methods—such as remote access trojans or keyloggers—showing that many cybercriminals remain committed to using more traditional tools to steal private information, the report stated.
"While the spread of ransomware tools dominated industry discussions in 2016, threat actors remained committed to their tried-and-true techniques," said Aaron Higbee, cofounder and CTO of PhishMe, in a press release. "In addition to focusing on the 'smash and grab' of ransomware, threat actors also continue to quietly infiltrate the target's environment, thus making it increasingly important to detect malware during the delivery phase. This challenges the traditional sense of malware hunting."
Though ransomware made headlines after large scale attacks on hospitals, schools, and other organizations, attacks known as "quiet malware" were also prevalent. These types of attacks allow cybercriminals to watch the victim over a period of time, assessing their ability to pay a ransom and what amount they can ask for, before deploying the ransomware.
These tools demonstrate how hackers are evolving their techniques to get around traditional security protections, the report noted.
Enterprises can avoid ransomware attacks by keeping all software up to date, backing up information every day, segmenting their network, and training staff on cybersecurity practices.
The 3 big takeaways for TechRepublic readers
- Ransomware attacks grew by more than 600% in 2016 over 2015, and cost victims more than $1 billion, according to a new report from PhishMe.
- A large portion of phishing attacks recorded in 2016 came through older malware methods—such as remote access trojans or keyloggers
- Enterprises can take steps to avoid ransomware attacks, including keeping software up to date and training staff on cyber hygiene.
- Cybersecurity: Two-thirds of CIOs say threats increasing, cite growth of ransomware (TechRepublic)
- Easy to carry out, difficult to fight against: Why ransomware is booming in 2016 (ZDNet)
- Security breaches: How small businesses can avoid a HIPAA lawsuit (TechRepublic)
- Security TV: Ignore the email threat at your peril (ZDNet)
- Report: Despite growing security threats, CXOs struggle to find cybersecurity professionals (TechRepublic)
Alison DeNisco Rayome is a Staff Writer for TechRepublic. She covers CXO, cybersecurity, and the convergence of tech and the workplace.