Cyberattacks involving ransomware, in which criminals usemalicious software to encrypt a users' data and then extort moneyto unencrypt it, increased 50% in 2016, according to a report fromVerizon Communications Inc.

And criminals increasingly shifted from going after individualconsumers to attacking vulnerable organizations and businesses, thereport said. Government organizations were the most frequent targetof these ransomware attacks, followed by health-care businesses andfinancial services, according to data from security company McAfeeInc., which partnered with Verizon on the report published lastThursday.

Instances of ransomware attacks have grown along with the marketfor bitcoin, the digital currency that is most commonly howcybercriminals demand ransoms be paid because of its anonymity.

While overall most malware was delivered through infectedwebsites, increasingly criminals were turning to phishing — usingfraudulent emails designed to get a user to download attachments orclick on links to websites that are infected with malware — tocarry out attacks. A fifth of all malware raids began with aphishing email in 2016, while fewer than 1 in 10 did the yearbefore, according to the report.

“These emails are often targeted at specific job functions, suchas HR and accounting — whose employees are most likely to openattachments or click on links — or even specific individuals,” thereport said.

Verizon is currently in the process of acquiring Yahoo'sinternet properties at a $350 million discount after revelations ofsecurity breaches at the web company. Yahoo said in December thatthieves in 2013 stole information from 500 million customeraccounts, from email addresses to scrambled account passwords. Sucha data cache may allow criminals to go after more sensitivepersonal information elsewhere online.

Whereas in the past most ransomware simply encrypted the data onthe device where it was first opened, Marc Spitler, a Verizonsecurity researcher, said criminal gangs were increasingly usingmore sophisticated hacking techniques, seeking out businesscritical systems and encrypting entire data servers. “There isincreased sophisticated surveillance and targeting of organizationsto maximize profit,” he said in an interview.

Criminal gangs were behind the majority of all cybersecuritybreaches, Verizon said, with financial services firms the mostcommon victims, accounting for about a quarter of all attacks.

But espionage — whether by foreign governments or unknownentities — was on the rise, Verizon said, accounting for 21% of allbreaches in 2016 up from less than 10% in 2010. Besidesgovernments, manufacturing firms were the most likely to betargeted in espionage-motivated attacks, the report said. There hasalso been a surge in espionage-related breaches targetinguniversities and other educational institutions, spiking fromalmost none in 2012 to more than 20% last year, it said.

The Verizon report, which is published annually, draws on thecompany's own data from breaches its security consultants haveresponded to and data contributed by 65 partner organizations,including the U.S. Secret Service. NTT Security, a unit of Japan'sNippon Telegraph and Telephone Corp., released a report earlierthis week that showed results similar to Verizon's findings.

Bloomberg

Copyright 2018 Bloomberg. All rightsreserved. This material may not be published, broadcast, rewritten,or redistributed.