SonicWall, the leading security vendor released its latest Annual Threat Report, which highlights the most notable advancements made by security professionals and cyber criminals in 2016.
The report was compiled from data collected throughout 2016 by the SonicWall Global Response Intelligence Defense (GRID) Threat Network with daily feeds from more than 1 million security sensors in nearly 200 countries and territories.
According to the 2017 SonicWall Annual Threat Report, 2016 could be considered a highly successful year from the perspective of both security professionals and cyber criminals. Unlike in years past, SonicWall saw the volume of unique malware samples collected fall to 60 million compared with 64 million in 2015, a 6.25 percent decrease. Total malware attack attempts dropped for the first time in years to 7.87 billion from 8.19 billion in 2015.
Although malware came down, but the growth for ransomware skyrocketed and the SonicWall GRID Threat Network detected an increase from 3.8 million ransomware attacks in 2015 to an astounding 638 million in 2016. The rise of RaaS made ransomware significantly easier to obtain and deploy.
Ransomware remained on an upward climb throughout the year, beginning in March 2016 when ransomware attack attempts shot up from 282,000 to 30 million over the course of the month, and continuing through the fourth quarter, which closed at 266.5 million ransomware attack attempts for the quarter.
The most popular payload for malicious email campaigns in 2016 was ransomware, typically Locky, which was deployed in about 90 percent of Nemucod attacks and more than 500 million total attacks throughout the year.
No industry was spared from ransomware attack attempts. Industry verticals were targeted almost equally, with the mechanical and industrial engineering industry reaping 15 percent of average ransomware hits, followed by a tie between pharmaceuticals (13 percent) and financial services (13 percent), and real estate (12 percent) in third place.
The SonicWall GRID Threat Network also observed vulnerabilities on all categories of IoT devices, as they were found compromised on a massive scale due to poorly designed security features, opening the door for distributed denial-of-service attacks. including smart cameras, smart wearables, smart homes, smart vehicles, smart entertainment, and smart terminals.
The report also observed cyber criminals leveraging screen overlays to mimic legitimate app screens and trick users into entering login info and other data. When Android responded with new security features to combat overlays, SonicWall observed attackers circumventing these measures by coaxing users into providing permissions that allowed overlays to still be used. Cybercriminals continued to find victims on third-party app stores and ransomware was a common payload as were self-installing apps.
