Ransomware Soaring While Malware Declines, Cyberthreat Report Finds
There’s bad news and good news in digital security. A new cyberthreat report from security provider SonicWall found an “exponential” increase in the number of ransomware threats in 2016 and a significant rise in successful attacks on Internet of Things (IoT) devices. On the plus side, last year brought a notable decline in the number of unique malware samples and attack attempts.
The 2017 SonicWall Annual Threat Report calls 2016 a “highly successful year” for both security pros and cybercriminals. This conclusion may seem contradictory, but it’s a realistic assessment of the global security battle. Security experts are leveraging innovative methods to ward off attacks that previously would have caused great harm, while attackers are devising new cyberthreats — particularly ransomware — that are siphoning money from large and small organizations worldwide.
“Cybersecurity is not a battle of attrition; it’s an arms race, and both sides are proving exceptionally innovative,” the report states.
SonicWall observed a staggering increase in the number of ransomware threats last year, from nearly four million attack attempts in 2015 to 638 million in 2016 — that’s 167 times higher. By the end of Q1 2016, companies had paid out $209 million in ransom.
Unsurprisingly, many organizations are struggling to find better ways to protect themselves.
It’s not just businesses, either. Hospitals, police departments, public transportation services and public utilities providers and are also victimized by ransomware attacks. The SonicWall study points to several high-profile examples of this trend. In February 2016, Hollywood Presbyterian Medical Center in Los Angeles announced it had paid $17,000 in bitcoin to cybercriminals to recover access to its data. And in September, U.K. hosted desktop and cloud provider VESK was forced to shell out over 29 bitcoins, the equivalent of about $22,800 at the time.
Ransomware attacks are typically delivered via phishing campaigns and use SSL/TLS encryption to avoid detection. In addition, ransomware-as-a-service (RaaS), in which cyberattackers use distributors to spread malware and then take a cut of the loot, is on the rise as well, SonicWall reports.
Cyberthreat actors are turning their attention toward IoT devices. In 2016, compromised IoT hardware was used to mount distributed denial‐of‐service (DDoS) attacks against numerous well-known tech companies, including Airbnb, Netflix, Reddit, Spotify and Twitter. The reason: poorly designed security features that open the door to DDoS intrusions.
Part of the problem is that IoT companies are under pressure to bring their products to market quickly, which often leads them to launch devices with weak security. For instance, users may encounter a setup routine that doesn’t allow them to change the default password, the study found.
All isn’t gloom and doom for security pros, however, as they’re making solid gains against malware. The number of unique malware samples collected dropped to 60 million in 2016, a year-over-year decrease of 6.25 percent. And more good news: Total malware attack attempts fell to 7.87 billion last year, down from 8.19 billion in 2015.
A particularly dramatic decline is in the area of point-of-sale (POS) malware, as retailers embraced stronger security measures such as chip‐based POS systems. The number of new POS malware variants last year fell by 88 percent from 2015 and 93 percent since 2014.
“This implies that cybercriminals are becoming less interested in devoting time to POS malware innovation,” the cyberthreat report concludes. “While we should not read this as a sign that POS malware is disappearing, it’s clear that cyberthieves have been focused elsewhere in recent months. And it’s an even better sign that when an industry truly makes security a priority, positive changes can happen.”