Skip to main content

Verizon agrees, ransomware is the most popular form of malware

It seems lately that nobody’s safe from malware attacks, and from our private data being hacked and made available to nefarious parties. One of the worst forms of malware is ransomware, which locks down a user’s data and holds it hostage for cash or Bitcoin. According to Verizon, ransomware is one of the fastest-growing forms of malware, a finding that confirms other similar reports.

Each year, Verizon looks at real-world incidents, assesses trends, and provides some insight into the kinds of attacks being experienced by a variety of different kinds of users. This year’s Data Breach Investigations Report (DBIR) looked at more than 53,000 incidents and 2,216 confirmed data breach cases in coming up with its conclusions.

According to the data, the majority of attacks — 76 percent, in fact — were conducted by cybercriminals with the intent of making money. That includes stealing data and using it to access banking and credit card accounts, selling the data on the open market, and conducting ransomware campaigns that generate cash directly. While nearly 73 percent of all attacks were made by individuals and groups outside of organizations, including 12 percent that was perpetrated by those with ties to nation-states, 28 percent of attacks originated from the inside.

Of all attacks, ransomware represented 39 percent of those where malware was implicated. The reason why ransomware is so prevalent is that it’s effective and relatively easy to implement. Tools exist that anyone can use to carry out a ransomware attack, and so a lack of technical expertise and resources isn’t the impediment that it is for other forms of attack. And, payment is direct and immediate, without the need to conduct secondary processes like selling stolen data.

Even so, roughly 17 percent of all data breaches were due to simple mistakes, such as incorrectly addressed emails, information that’s not shredded as it should be, and poorly configured web servers. In addition, up to four percent of all phishing targets — where an email will link to a bogus site that downloads malware or gathers personal information — click on phishing campaign email, which is still a significant number when such campaigns can target millions of potential victims.

Verizon recommends the same tactics as always. Its report focuses on organizations and so making sure users are educated, systems are patched, and adequate security systems are in place are the most important steps to take. For individuals, constant vigilance, good backups, and common sense remain good advice.

Editors' Recommendations

Mark Coppock
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
This Mac malware can steal your credit card data in seconds
Apple's Craig Federighi speaking about macOS security at WWDC 2022.

Despite their reputation for security, Macs can still get viruses, and that’s just been proven by a malicious new Mac malware that can steal your credit card info and send it back to the attacker, ready to be exploited. It’s a reminder to be careful when opening apps from unknown sources.

The malware, dubbed MacStealer, was discovered by Uptycs, a threat research firm. It hoovers up a wide array of your personal data, including the iCloud Keychain password database, credit card data, cryptocurrency wallet credentials, browser cookies, documents, and more. That means there’s a lot that could be at risk if it gains a foothold on your Mac.

Read more
Malware has a terrible new way to get to your computer
A villager looks at a sunset.

You've heard of malware spreading through spammy emails and mysterious links on strange websites. But now there's a new avenue of attack for bad actors to take -- and it's via Minecraft. Yes, you read it correctly. The open-world building game loved by seven-year-olds around the globe is quickly becoming a favorite method for spreading malware.

As reported by Bleeping Computer, Kaspersky Labs researched the phenomena from July 2021 until July 2022, and it found that in-game malware accounted for a significant amount of the malware that was spread in that time. Although there was a 30% drop in malware attacks in that year when compared to 2020, the amount of gaming-related malware actually increased. Minecraft on PC was the preferred vector.

Read more
Hackers are using fake WordPress DDoS pages to launch malware
A digital depiction of a laptop being hacked by a hacker.

Hackers are pushing the distribution of dangerous malware via WordPress websites through bogus Cloudflare distributed denial of service (DDoS) protection pages, a new report has found.

As reported by PCMag and Bleeping Computer, websites based on the WordPress format are being hacked by threat actors, with NetSupport RAT and a password-stealing trojan (RaccoonStealer) being installed if victims fall for the trick.

Read more