2016 was a mixed bag in terms of cybersecurity threats and trends, with a slight decrease in malware but a whopping increase in ransomware.
Cybersecurity company SonicWall released its latest global cyber threat report on Feb. 7, revealing cybersecurity stats for 2016. According to the report, while malware was slightly down, ransomware surged tremendously - 167 times more ransomware attacks compared to 2015.
Aside from the alarming spike in ransomware attacks, SonicWall also points to a new wave of cybercrime from Distributed Denial of Service (DDoS) attacks spread through Internet of Things (IoT) devices. The largest and main DDoS attack occurred back in October 2016 and brought down a number of high-profile websites including PayPal, Reddit, Twitter and more. In that case, the Mirai botnet infected unprotected IoT devices and used them in the massive DDoS attack on Dyn servers.
Malware Drop
For the report published on Tuesday, SonicWall analyzed data from daily network feeds sent in nearly 200 countries from more than 1 million sensors. Throughout the year, the cybersecurity company noticed that unique samples of malware saw a 6.25 percent drop from 64 million in 2015 to 60 million in 2016. Total malware attempts also saw a 4 percent decline from 8.19 billion in 2015 to 7.87 billion in 2016.
Ransomware Increase
Ransomware-as-a-Service (RaaS), however, greatly increased in 2016. In RaaS cases, cybercriminals provide ransomware to other ill-intended parties, offering solutions to make a quick buck for cybercriminals. For those unfamiliar with the practice, ransomware consists of malicious software that holds a computer system hostage and unlocks access only when a ransom is paid to the attacker.
Ransomware attacks jumped from 3.8 million in 2015 to a whopping 638 million in 2016, marking a tremendous increase of 167 times from one year to the next. SonicWall speculates that this increase could be due to the fact that obtaining ransomware was easier in 2016 and cybercriminals faced low risks of being punished or even caught.
Highly Active Attack Year
"2016 was a highly active attack year. Ransomware alone increased by well over 100X," SonicWall reports. "From the Internet of Things to mobile devices and even virtual worlds, cybercriminals are increasingly aggressive in their stealth strategies."
"Ransomware was the payload of choice for spam campaigns and exploit kits," it adds.
The most powerful malicious email campaigns of 2016 relied on ransomware, especially the Locky ransomware that fueled more than 500 million attacks throughout the year. Ransomware attacks hit all industries, from financial to pharmaceutical, real estate and more.
When it comes to the distribution of the attacks, SonicWall notes that during the Mirai botnet attacks, 70 percent of all DDoS attacks hit the United States, 14 percent hit Brazil and 10 percent hit India. At the same time, it seems that UK companies were roughly three times as likely to face ransomware attacks compared to their American counterparts.
Lastly, SonicWall points out that internet traffic encrypted with SSL or TSL saw a 34 percent increase in 2016, which could be due to the wider adoption of cloud storage solutions.