Trend Micro blocked nearly 82 billion threats in 2016, with ransomware and Business Email Compromise (BEC) in particular causing havoc for organizations worldwide, according to a new report.
The security giant’s TrendLabs 2016 Security Roundup report revealed a significant increase in newly discovered ransomware families from 29 to 247 – that’s an astounding jump of 752%.
The stats show just how popular this get-rich-quick scheme is among the black hat community, netting cybercriminals in the region of $1 billion last year.
As more and more organizations went against the advice of security experts and the police and paid up, more hackers became aware of the massive gains to be made from such attacks.
According to Trend Micro, many variants were crafted to encrypt specific file types essential to business operations, such as tax return files, server files, and virtual desktop images.
Ransomware was not the only major threat to hit in 2016. The report also claimed that BEC attacks cost victim organisations on average $140,000. With these kinds of sums involved it’s no surprise that increasing numbers of cybercriminals are expected to put their efforts into these scams this year.
Unsurprisingly the US bore the brunt of global CEO fraud, comprising 38% of attacks in 2016. But the UK (10%) was second – well above a long tail of other countries including Hong Kong and Japan (both 3%), India, France, Norway, Brazil and Australia (all 2%).
To add to organizations’ woes, Trend Micro and the Zero Day Initiative discovered a record 765 vulnerabilities in 2016 – including 60 zero days.
The number of Microsoft bugs dropped by 47%, but the number discovered in Apple products jumped 133% – a reflection of the increasingly mobile world we live in.
The two most affected products overall were Adobe Acrobat Reader DC (89 bugs) and Advantech’s WebAccess SCADA software (109).
The figures highlight the importance of prompt patching – especially for flaws being actively exploited in the wild.
Simon Edwards, Trend Micro's European cyber security architect, argued that firms should take a blended approach to security featuring multiple controls.
“So, use signature based systems to detect the known, because they are very fast. Use machine learning, application control, IPS and behavioural monitoring to detect the unknown knowns; and finally use sandboxing to find the really unknown,” he told Infosecurity.
“This is nothing new as the concept of defence in depth has been around for years. The important thing is to ensure that all of these techniques integrate and share information with each other – and provide their findings in an easy-to-use format for the analyst.”