2016 was indeed the year of online extortion. Cyber threats reached an all-time high with more than thousand attacks every month, ransomware and Business Email Compromise (BEC) scams gained popularity among cybercriminals as a way for looking into extorting enterprises. A 752 percent hike in new ransomware families ultimately resulted in $1 billion in losses for enterprises worldwide, according to Trend Micro.
Trend Micro and the Zero Day Initiative (ZDI) discovered more than 765 vulnerabilities in 2016. Of these, 678 were brought to ZDI through their bug bounty program that rewards freelance crackers for submitting the vulnerabilities, then ZDI verifies and discloses the issue to the affected corporate. Compared to vulnerabilities discovered by Trend Micro and ZDI in 2015, Apple had a 145 percent increase in vulnerabilities, on the other hand Microsoft bugs have decreased by 47 percent.
“As threats have diversified and grown in sophistication, cybercriminals have moved on from primarily targeting individuals to focusing on where the money is: enterprises,” said Ed Cabrera, chief cybersecurity officer for Trend Micro. “Throughout 2016 we witnessed threat actors extort companies and organizations for the sake of profitability and we don’t anticipate this trend slowing down. This research aims to educate enterprises on the threat tactics actively being used to compromise their data, and help companies adopt strategies to stay one step ahead and protect against potential attacks.”
In 2016, the Trend Micro Smart Protection Network disabled more than 81 billion threats for the entire year, which is a 56 percent hike from 2015. In the second half of 2016, more than 3,000 attacks per second were blocked for customers. During this time, 75 billion of blocked attempts were email based, illustrating that email remains the top entry point for threats.