Page 3 - BLI Annual Report 2016
INTRODUCTION Data for Ransom 2016 YEAR IN REVIEW Another big trend in 2016 was hackers going after large technology or social and entertainment sites to acquire account access. After gaining this access, the attackers could easily use it as an entry point. For example, as reported in an article on the Forbes site in December 2016, hackers stole millions of dollars in bitcoin using only phone numbers. The article noted a spate of recent hackings of high-pro le cryptocurrency When it comes to data security breaches, 2016 was yet another year that many security executives will not remember fondly. The year saw almost 1.4 billion data records lost or stolen, up 86% from 2015, according to a comprehensive analysis of security breaches conducted by Gemalto through data collected in its Breach Level Index (BLI). Every year seems to have its own unique trends when it comes to data security breaches, and 2016 was no exception. While signi cant distributed denial of service (DDoS) attacks garnered a lot of attention on the corporate security front, 2016 will also be considered the year when ransomware attacks moved into the mainstream. A number of companies, including healthcare providers, utilities and others were willing to pay ransoms to avoid losing data or having systems shut down, showing that this type of attack is having an impact on businesses. Perhaps more concerning for individual users, many of the attacks in 2016 got personal. The year saw a number of incidents aimed at stealing personal data on Web sites that many users might be embarrassed to admit using, such as adult content sites. In fact, there was a major increase in breaches of these sites, involving ransom requests and threats of leaking private information about their users. By getting hold of this personal data, cyber criminals can extort victims into paying fees in order to avoid having their very private information made public. These kinds of attacks are making data breaches much more personal than other security incidents, which typically involve ransom against companies or the theft of nancial data that does not expose users to public scrutiny. 3 To create the Breach Level Index, Gemalto, a leading global provider of digital security solutions, gathers extensive information about data breaches worldwide, using sources such as Internet searches, news articles and analyses and other resources. The data gathered is then aggregated into the Index, a database that Gemalto continually maintains. The data is analyzed in terms of the number of breaches that occur; the number of data records lost; and data breaches by industry, type of breach, source and by country or region.