Annual Threat Report Highlights Cyber Criminal Activity

This week, security company SonicWall announced the findings from its Annual Threat Report which highlights the advancements made by cyber criminals and security professionals.

Mnet 191858 Cybersecurity 1

Security company SonicWall, this week, announced the findings from its Annual Threat Report which highlights the advancements made by cyber criminals and security professionals.

According to the 2017 report, 2016 was a highly successful year for both security professionals and cyber criminals. The volume of unique malware collected fell to 60 million compared with 64 million in 2015, a 6.25 percent decrease. Total malware attack attempts dropped for the first time in years to 7.87 billion from 8.19 billion in 2015. However, cyber criminals garnered quick payoffs from ransomware.

β€œIt would be inaccurate to say the threat landscape either diminished or expanded in 2016 β€” rather, it appears to have evolved and shifted,” said Bill Conner, president and CEO of SonicWall in a statement. β€œCybersecurity is not a battle of attrition; it’s an arms race, and both sides are proving exceptionally capable and innovative.”

Ttwo areas that might be of interest to manufacturers that the report addresses are ransomware and the Internet of Things (IoT).  


Ransomware usage grew by 167 times year-over-year and was the payload of choice for malicious email campaigns and exploit kits. The SonicWall Global Response Intelligence Defense (GRID) Threat Network detected an increase from 3.8 million ransomware attacks in 2015 to an astounding 638 million in 2016. The rise of ransomeware-as-a-service (RaaS) made ransomware significantly easier to obtain and deploy. The report finds that:

● Ransomware remained on an upward climb throughout the year, beginning in March 2016 when ransomware attack attempts shot up from 282,000 to 30 million over the course of the month, and continuing through the fourth quarter, which saw 266.5 million ransomware attack attempts.

● The most popular payload for malicious email campaigns in 2016 was ransomware, typically Locky, which was deployed in about 90 percent of Nemucod attacks and more than 500 million total attacks throughout the year.

● No industry was spared from ransomware attack attempts. Industry verticals were targeted almost equally, with the mechanical and industrial engineering industry reaping 15 percent of average ransomware hits, followed by a tie between pharmaceuticals (13 percent) and financial services (13 percent), and real estate (12 percent) in third place.

Internet of Things

IoT devices were compromised on a massive scale due to poorly designed security features, opening the door for distributed denial-of-service attacks. With their integration into the core components of businesses and lives, IoT devices were an enticing target in 2016. The report finds that:

● Gaps in security enabled criminals to launch the largest distributed denial-of-service (DDoS) attacks in history in 2016. Criminals leveraged hundreds of thousands of IoT devices with weak telnet passwords to launch DDoS attacks using the Mirai botnet management framework.

● Vulnerabilities were observed on all categories of IoT devices, including smart cameras, smart wearables, smart homes, smart vehicles, smart entertainment and smart terminals.

● During the height of the Mirai surge in November 2016, the United States was by far the most targeted, with 70 percent of DDoS attacks directed towards the region, followed by Brazil (14 percent) and India (10 percent).

The report was compiled from data collected throughout 2016 by the SonicWall GRID Threat Network with daily feeds from more than 1 million security sensors in nearly 200 countries and territories.

Checkout highlights from the Annual Threat Report here.

More in Cybersecurity