April 12, 2018 By David Bisson 2 min read

A recent data breach investigations study revealed that ransomware was the most prevalent variety of malware in 2017.

According to Verizon’s “2018 Data Breach Investigations Report (DBIR),” security professionals spotted cryptolockers in 39 percent of security incidents that involved malware as an attack variety. This attack type was more prevalent than spyware, banking Trojans and other forms of malicious software over the course of the year.

Ransomware in Review

For the report, Verizon analyzed over 53,000 security incidents, including 2,216 data breaches, submitted from contributors in more than five dozen countries. The goal of the study was to identify trends in those events and inform organizations about the threats they’re up against as they plan their defense strategies.

The researchers ranked ransomware as the fifth-most prevalent action variety with 787 incidents, and noted that malware was utilized as a tactic in 30 percent of security events.

Gabe Bassett, senior information security data scientist at Verizon and co-author of the report, said he tracked ransomware’s growth since it first appeared in the 2013 edition of the DBIR. During that span of time, he witnessed ransomware activity double year over year on at least two separate occasions.

“The reason we’re seeing this incredible prevalence is ransomware is a great value proposition for the attacker,” Bassett told TechRepublic. “They don’t have to do a lot of the complex work. They just drop a piece of malware and then let it run.”

Ransomware activity also grew because of its flexibility, allowing cybercriminals to launch campaigns against targets that are more lucrative than users’ personal devices. In fact, Verizon noted a rise in ransomware operations targeting enterprises’ file systems and databases.

An Industry Perspective

Ransomware was more prevalent in some industries than others. Healthcare came in at the top, with cryptolockers accounting for 85 percent of all malware varieties over the course of the year. The May 2017 outbreak of WannaCry, which claimed 34 percent of the U.K.’s National Health Service (NHS) hospital trusts as victims, according to the U.K. Department of Health and Social Care, likely helped drive up this figure.

But Bassett and his fellow researchers revealed that number might misrepresent the realities of data protection in the healthcare sector. The Verizon report noted that medical organizations are bound by federal regulations to report ransomware attacks as data breaches and not instances of data risk. Therefore, it’s impossible to know whether hospitals and other healthcare centers are more susceptible to ransomware than organizations in other industries or if higher reporting standards are to blame.

The report’s authors advised organizations to take certain steps to protect themselves against data breaches, including implementing two-factor authentication (2FA), patching software vulnerabilities and conducting ongoing security awareness training with employees.

More from

Regulatory harmonization in OT-critical infrastructure faces hurdles

3 min read - In an effort to enhance cyber resilience across critical infrastructure, the Office of the National Cyber Director (ONCD) has recently released a summary of feedback from its 2023 Cybersecurity Regulatory Harmonization Request for Information (RFI). The responses reveal major concerns from critical infrastructure industries related to operational technology (OT), such as energy, transport and manufacturing. Their worries include the current fragmented regulatory landscape and difficulty adapting to new cyber regulations. The frustration appears to be unanimous. Meanwhile, the magnitude of…

Generative AI security requires a solid framework

4 min read - How many companies intentionally refuse to use AI to get their work done faster and more efficiently? Probably none: the advantages of AI are too great to deny.The benefits AI models offer to organizations are undeniable, especially for optimizing critical operations and outputs. However, generative AI also comes with risk. According to the IBM Institute for Business Value, 96% of executives say adopting generative AI makes a security breach likely in their organization within the next three years.CISA Director Jen…

Q&A with Valentina Palmiotti, aka chompie

4 min read - The Pwn2Own computer hacking contest has been around since 2007, and during that time, there has never been a female to score a full win — until now.This milestone was reached at Pwn2Own 2024 in Vancouver, where two women, Valentina Palmiotti and Emma Kirkpatrick, each secured full wins by exploiting kernel vulnerabilities in Microsoft Windows 11. Prior to this year, only Amy Burnett and Alisa Esage had competed in the contest's 17-year history, with Esage achieving a partial win in…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today