PINDROP BLOG

Verizon: Ransomware, Cyberespionage Attacks On the Rise

Ransomware attacks are becoming a larger and larger problem for enterprises, now accounting for nearly 75 percent of malware-related incidents in health care companies, according to new data released by Verizon.

The ransomware issue has been a major concern for many companies for several years now, but it has become especially acute for health care companies. A number of hospitals, private practices, and insurance companies have been hit by ransomware attacks recently, with some resulting in large payments by the victims. Last year, officials at Hollywood Presbyterian Medical Center paid a $17,000 ransom to restore its data after the hospital’s network was knocked offline for several days.

Data from the 2017 Verizon Data Breach Investigations Report released Thursday shows that 72 percent of all malware incidents affecting health care organizations involved ransomware. The DBIR dataset, which includes more than 2,000 separate breaches, reveals a 50 percent increase in ransomware incidents compared to 2015, and also shows that ransomware is now the fifth most-common variety of malware found in breaches.

“While ransomware dates back to 1989, in the past year we have seen more technical and process innovation in ransomware than we have seen since the invention of Bitcoin-enabled anonymous payments. Fueled by the success of early attacks, the number of ransomware incidents increased to 228 in this year’s report from 159 in the 2016 DBIR,” the new report says.

“Fueled by the success of early attacks, the number of ransomware incidents increased to 228.”

“Perhaps the most significant change to ransomware in 2016 was the swing away from infecting individual consumer systems toward targeting vulnerable organizations. Overall, ransomware is still very opportunistic, relying on infected websites and traditional malware delivery for most attacks. Looking again through the lens of DBIR data, web drive-by downloads were the number one malware vector in the 2016 report, but were supplanted by email this year.”

In addition to the rise in ransomware infections, 2016 also saw an increase in the volume of cyber espionage incidents. Verizon’s data shows that 21 percent of breaches were related to espionage in some way, and these attacks are now the most common ones targeting several industries, including education, manufacturing, and the public sector.

“Espionage and errors were definitely in the backpacks of the Education industry this past year. Cyber-Espionage was present in 26% of breaches,” the report says.

Unsurprisingly, Verizon found that 73 percent of breaches involved a financial motivation. The report also reveals that 75 percent of incidents were traced back to outsiders.