The number of records compromised by data breaches grew an historic 566 percent in 2016 from 600 million to more than 4 billion, according to IBM Security's X-Force Threat Intelligence Index.
The leaked records include types of data that cybercriminals have traditionally targeted such as credit cards, passwords, and personal health information. But IBM also found a shift in cybercriminal strategies last year, with a number of significant breaches related to unstructured data such as email archives, business documents, intellectual property, and source code.
Spam Surges on Back of Ransomware
"Cybercriminals continued to innovate in 2016 as we saw techniques like ransomware move from a nuisance to an epidemic," said Caleb Barlow, vice president of threat intelligence, IBM Security. "While the volume of records compromised last year reached historic highs, we see this shift to unstructured data as a seminal moment. The value of structured data to cybercriminals is beginning to wane as the supply outstrips the demand. Unstructured data is big-game hunting for hackers and we expect to see them monetize it this year in new ways."
In a separate study last year, IBM Security found 70 percent of businesses impacted by ransomware paid more than $10,000 to regain access to business data and systems. In the first three months of 2016, the FBI estimated cybercriminals were paid a reported $209 million via ransomware.
IBM blamed the rise in ransomware last year on the increased willingness of enterprises to pay off cybercriminals who hijack their data. The primary delivery method for ransomware last year was via malicious attachments in spam emails, the company said.
That fueled a 400 percent increase in spam year over year, with roughly 44 percent of spam containing malicious attachments. Ransomware made up 85 percent of malicious attachments in 2016.
Shift from Healthcare Back to Financial Services
While the healthcare sector was the most attacked industry in 2015, attackers in 2016 once again focused on financial services, IBM found. While financial services was the most targeted sector last year, it was only third in terms of the number of compromised records, according to the report.
"The lower success rate versus the high volume of attacks in financial services indicates that continued investment in sustained security practices likely helped protect financial institutions," IBM said.
The healthcare industry continued to be beleaguered by a high number of incidents, although attackers focused on smaller targets resulting in a lower number of leaked records. In 2016, only 12 million records were compromised in healthcare -- keeping it out of the five most-breached industries.
Information and communication services companies and government agencies experienced the highest number of incidents and records breached in 2016, according to IBM.
The IBM X-Force Threat Intelligence Index is comprised of observations from more than 8,000 monitored security clients in 100 countries and data derived from non-customer assets, such as spam sensors and honeynets, in 2016. IBM X-Force runs network traps around the world and monitors more than 8 million spam and phishing attacks daily while analyzing more than 37 billion Web pages and images.