The top threat of 2016, ransomware, increased by more than 167 times year-over-year—from 4 million attack attempts in 2015 to a whopping 638 million.
According to SonicWall’s 2017 Annual Threat Report, ransomware was the payload of choice for malicious email campaigns and exploit kits last year. There are a few reasons for this: For one, the rise of ransomware-as-a-service (RaaS) made the code significantly easier to obtain and deploy. The unprecedented growth also was likely driven by easier access in the underground market, the low cost of conducting a ransomware attack, the ease of distributing it and the low risk of being caught or punished.
Ransomware remained on an upward climb throughout the year, beginning in March 2016 when ransomware attack attempts shot up from 282,000 to 30 million over the course of the month, and continuing through the fourth quarter, which closed at 266.5 million ransomware attack attempts for the quarter.
The most popular payload for malicious email campaigns in 2016 was Locky, which was deployed in about 90% of Nemucod attacks and more than 500 million total attacks throughout the year.
Interestingly, no industry was spared from ransomware attack attempts. Industry verticals were targeted almost equally, with the mechanical and industrial engineering industry reaping 15% of average ransomware hits, followed by a tie between pharmaceuticals (13%) and financial services (13%), and real estate (12%) in third place.
"With the continued rise of ransomware, this research from SonicWALL shows how important it is for businesses to assess their cyber-defense strategy,” Mike Spanbauer, vice president of Security, Test & Advisory, NSS Labs. “In 2016 we saw major advances from cybercriminals, and believe vendors like SonicWALL that are willing to invest and develop technology and approaches to win against ransomware will help the security industry get ahead of this increasingly prevalent attack method."