Cyberattacks: Phishing, Ransomware Attacks Rose In 2016, Symantec Reports

A report from cybersecurity firm Symantec on cyberattacks in 2016 found an increased number of email phishing scams and ransom demands, as well as a spike in the number of targeted and politically motivated attacks.

Symantec reported that one in 131 emails contained a malicious link or attachment in 2016 — the highest rate of such efforts in five years. It also saw a 36 percent increase in the number of ransomware attacks that attempted to hold the information of users hostage until they agreed to pay a ransom.

Read: Digital Geneva Convention: Microsoft Calls For Framework For Cyber Warfare Between Nation-States

"New sophistication and innovation are the nature of the threat landscape, but this year Symantec has identified seismic shifts in motivation and focus," Kevin Haley, the director of Symantec’s security response team, said in a statement.

"The world saw specific nation-states double down on political manipulation and straight sabotage. Meanwhile, cybercriminals caused unprecedented levels of disruption by focusing their exploits on relatively simple IT tools and cloud services."

Symantec called emails the “weapon of choice” for attackers, who used relatively common software and scripting language to launch attacks on average users. Simple phishing attacks, where an email contains a malicious attachment or link, were responsible for scamming more than $3 billion from businesses in the last three years.

Ransomware also siphoned more money out of users in 2016 than any previous year. Symantec identified more than 100 new ransomware families in the wild, more than triple the number previously identified.

There weren’t just more ransomware attacks for users to worry about, either — those attacks also demanded more money than ever before. Ransoms spiked by 266 percent in 2016, with the attackers demanding an average of $1,077 per victim, up from $294 in 2015. The attacks found their way onto computer systems of hospitals and local governments, leading to considerable inconveniences and risk of more than just financial damage.

Read: WikiLeaks Vault 7: Purported CIA Malware Found In Wild By Cybersecurity Firm

While individuals found themselves in the crosshairs of broad attacks, targeted hits on individuals and organizations also saw a sharp uptick in 2016, driven primarily by attacks during the 2016 U.S. presidential election — including the theft and subsequent publishing of emails from the Democratic National Committee.

Symantec noted attacks with the intention of political sabotage are rarely successful, but the perceived success of several efforts — including Russia’s apparent attempts to destabilize the U.S. political process — have provided criminals with newfound motivation.

One of the driving forces behind the increase in targeted attacks was the ramping up of organized efforts by nation-states to pursue cybercrime. Symantec documented several efforts by North Korea to attack the financial systems of national banks in Poland, Bangladesh, Vietnam and Ecuador.

Haley called these attacks “incredibly audacious” and said it was the first time the firm had observed a nation-state carrying out financial cyberattacks. The virtual heists resulted in North Korea stealing at least $94 million from foreign financial institutions.