The headline story of 2016 threat landscape
was the explosive growth of ransomware
and the massive email campaigns that delivered it to organisations of all sizes around the world. These attacks added up to billions of dollars in direct financial losses.
Cyber criminals relied less on automated attacks and exploits
, shifting instead to social engineering. The change increased the impact and effectiveness of these campaigns. From email to software as a service, from social media to mobile apps, cyber criminals carried out social engineering at scale. They combined sophisticated, targeted lures and persuasive tricks
with broad distribution. They employed new and improved techniques.
The tactics worked. Attackers tricked people into installing malware, handing over their credentials, disclosing sensitive information and transferring funds.