Ransomware Attacks Surged 167x In 2016 To 638 Million Reports SonicWall

Businesses are having to contend with a lot more ransomware attacks than ever before. According to SonicWall's 2017 Annual Threat Report, there has been a meteoric rise in ransomware attacks in recent years, going from nearly 4 million attack attempts in 2015 to 638 million in 2016. That is a staggering 167x year-over-year increase with most of the attacks coming from phishing attempts.

The good news for businesses is that security outfits are keeping pace with cybercriminals. SonicWall says it would be inaccurate to say that the threat landscape either diminished or expanded or in 2016, saying instead it showed signs of evolving and shifting.

"Cybersecurity is not a battle of attrition; it's an arms race, and both sides are proving exceptionally innovative," SonicWall stated in its threat report.

Keyboard Key

Looking at the threat landscape as a whole, the volume of unique malware samples collected by the security outfit fell 6.25 percent to 60 million in 2016. Total attack attempts also declined for the first time in many years, dropping from 8.19 billion in 2015 to 2.78 billion 2016.

Be that as it may, ransomware is proving a favorite tactic of cybercriminals. The first big jump came in March 2016, which saw ransomware attacks shoot up from 282,000 to 30 million over the course of a month. That brought the total number of ransomware attempts to 30.9 million for the first quarter.

"These attacks were typically delivered by phishing campaigns and hidden from detection using SSL/TLS encryption. The rise of ransomware‐as‐a‐ service (RaaS) made it easier than ever for cyber criminals to access and deploy ransomware. As a result, many organizations struggled to find answers on how to protect themselves and how to properly respond to the dilemmas raised by this new breed of cyber threat," SonicWall said.

Ransomware is a nasty piece of malware that infects a system and encrypts the contents of the storage drive. Victims typically see a pop-up window demanding that a ransom be paid, oftentimes in virtually untraceable Bitcoin, in order to have their drive decrypted. In some cases, there is a time limit after which the ransomware will begin permanently deleting files.