Last year was a banner year for cybercrime, as records breached increased 556% from 2015, with more than 4 billion records leaked in 2016. There were just 600 million compromised the year before.
That’s according to IBM’s 2017 X-Force Threat Intelligence Index, which also documented more than 10,000 software vulnerabilities in 2016—the highest single-year number in IBM X-Force’s 20-year history.
The report also uncovered several macro-trends, including, notably, the rise of ransomware spread through spam. Spam was up 400% in 2016, with 44% of spam containing malicious attachments. A full 85% of these malicious attachments contained malicious ransomware.
In a separate study last year, IBM Security found 70% of businesses impacted by ransomware paid over $10,000 to regain access to business data and systems. In the first three months of 2016, the FBI estimated cyber-criminals were paid a reported $209 million via ransomware. This would put criminals on pace to make nearly $1 billion from their use of the malware just last year.
Also, 2016 saw attackers targeting unstructured data. In past years, data breaches focused on fixed set of structured information such as credit card data, passwords, national ID numbers, personal health information (PHI) data or key documents. In 2016, IBM saw a shift towards unstructured data—such as hundreds of gigabytes of email archives, documents, intellectual property and source code, companies’ complete digital footprints, etc.—were exposed along with the traditional structured data.
“Cyber-criminals continued to innovate in 2016 as we saw techniques like ransomware move from a nuisance to an epidemic,” said Caleb Barlow, vice president of threat intelligence, IBM Security. “While the volume of records compromised last year reached historic highs, we see this shift to unstructured data as a seminal moment. The value of structured data to cyber-criminals is beginning to wane as the supply outstrips the demand. Unstructured data is big-game hunting for hackers and we expect to see them monetize it this year in new ways.”
As far as the targets, these shifted a bit last year: Healthcare gave up the No 1 seed, losing out to financial services in terms of who was targeted the most. The healthcare industry continued to be beleaguered by a high number of incidents, although attackers focused on smaller targets resulting in a lower number of leaked records. In 2016, only 12 million records were compromised in healthcare—keeping it out of the top five most-breached industries. For perspective, nearly 100 million healthcare records were compromised in 2015, resulting in an 88% drop in 2016.
Interestingly though, data from the X-Force report shows financial services came in only third in compromised records. Top distinctions here went to information and communication services companies, which had 3.4 billion compromised records and 85 breaches/incidents. No 2 was government, which saw 398 million compromised records and 39 breaches/incidents—making these two segments the most vulnerable as they experienced the highest number of incidents and records breached in 2016.