2016 Sees Massive Spike in Ransomware, Trend Micro Finds

1 of 9

2016 Sees Massive Spike in Ransomware, Trend Micro Finds

Security vendor Trend Micro released its 2016 Security Roundupon Feb. 28, providing insight into a record year for vulnerabilities. The largest single trend noted in the report was the rise of ransomware in 2016. Trend Micro discovered 247 different ransomware families in 2016, a 752 percent increase over 2015. Ransomware takes different forms and attacks multiple types of IT data, though among the most popular is database files. The report also looks at another trend—business email compromise (BEC), an attack where organizations are tricked into paying fraudulent invoices. In 2016, BEC attacks caused an average of $140,000 in losses to companies around the world, Trend Micro found. In this slide show, <i>eWEEK</i> takes a look at some of the key highlights of the Trend Micro “2016 Security Roundup: A Record Year for Enterprise Threats" report.

2 of 9

New Forms of Ransomware Spikes

In 2016, Trend Micro discovered 247 different ransomware families, a 752 percent increase over 2015.

3 of 9

Ransomware Takes Aim at Database Files

Ransomware can attack nearly any type of data file, with some ransomware families going after specific data types. In 2016, Trend Micro found 96 different ransomware families targeting database files.

4 of 9

Business Email Compromise Targets the U.S.

While business email compromise (BEC) attacks are a global phenomenon, the single biggest target in 2016 was the U.S.

5 of 9

Trend Micro Discovers 765 Vulnerabilities in 2016 …

In 2016, Trend Micro and the Zero Day Initiative (ZDI), which Trend Micro acquired as part of the acquisition of TippingPoint from Hewlett Packard Enterprise last year, discovered a combined 765 vulnerabilities.

6 of 9

… But Discovers Fewer Microsoft Vulnerabilities in 2016

Looking at specific vendors, Trend Micro and ZDI discovered fewer vulnerabilities in Microsoft applications in 2016 than in 2015. That said, in 2016 the firm found more vulnerabilities in both Apple and Android than it did in 2015.

7 of 9

Use of Angler Exploit Kit Declines

At the beginning of 2016, Angler was the most dominant exploit kit in the world. After the June 2016 arrest of 50 people with ties to Angler, use of the exploit kit virtually disappeared.

8 of 9

Flash Remains an Exploit Kit Favorite

Although exploit kit use declined by the end of 2016, it still remains a threat. Looking at the specific vulnerabilities used in the various exploit kits, Trend Micro found that Adobe Flash vulnerabilities were the most common.

9 of 9

Why the 'Cloudbleed' Data Leak Flaw Posed a Major Threat to Websites

A new type of data leak has come to light that could impact millions of people around the globe. Google Project Zero, the research effort to find and fix critical software security flaws, reported that a vulnerability on the Cloudflare security service could enable the leak of passwords and data. According to Cloudflare, the flaw could have allowed leaks of sensitive data from thousands of websites over a six-month period. This incident has been dubbed Cloudbleed by some people in the cyber-security community because the threat was potentially as serious as the "Heartbleed" OpenSSL cryptography flaw that was reported in 2014 which posed a serious security threat to thousands of websites. Cloudflare says it has patched the data leak flaw and moved quickly to purge any leaked data that may have circulated on search engines. While the full scope of the Cloudflare leak and exactly how many users...
Top White Papers and Webcasts