As Trend Micro predicted, 2016 has proven to be a year of online extortion through various malicious attack methods. Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global leader in security software and solutions, today published its security roundup report, “The Reign of Ransomware,” which analyzes the trends in attacks and vulnerabilities seen throughout the first half of this year. The report provides extensive data surrounding the rise and impact of attacks, such as a 172 percent increase in ransomware and $3 billion in losses due to business email compromise (BEC) scams so far in 2016, as well as nearly 500 vulnerabilities in a variety of products.
“Ransomware is capable of crippling organizations who face it, and the cybercriminals spearheading these attacks are creatively evolving on a continuous basis to keep enterprises guessing,” said Raimund Genes, chief technology officer for Trend Micro. “It has dominated the threat landscape so far in 2016, causing immense losses to businesses across multiple industries. Enterprises must adopt multi-layered security solutions to optimally combat these threats that could attempt to penetrate corporate networks at any time.”
The following report findings highlight trends from the first half of 2016:
In total, 79 new ransomware families were identified in the first six months of the year, which surpasses the total number of new families found in all of 2015. Both new and old variants caused a total of US $209 million in monetary losses to enterprises. Ransomware attacks found in the first half of 2016, like BEC scams, originated from emails 58 percent of the time.
Research shows both growth and evolution in vulnerabilities and exploit kits (EKs), as well. Angler was found to steadily decrease in use, while other EKs, like Neutrino, filled the void. New vulnerabilities and ransomware were added to keep EKs up to date and effective. Unpatched software continues to provide additional opportunities for attackers to infect networks via EKs.
In the first half of 2016, Trend Micro discovered 473 vulnerabilities in a variety of products, with 28 coming from Adobe Flash and 108 from Advantech’s Web Access, demonstrating the full capabilities of the company’s research teams.
“While it’s unfortunate for us, cybercriminals are resilient and flexible when it comes to altering an attack method each time we find a patch or solution,” said Ed Cabrera, chief cybersecurity officer for Trend Micro. “This creates massive problems for enterprises and individuals alike since the threats change as often as solutions are provided. It bodes well for businesses to anticipate being targeted and to prepare accordingly, implementing the latest security solutions, virtual patching and employee education to mitigate risks from all angles.”