According to a study by SonicWall Global Response Intelligent Defense (GRID) Threat Network that move to chip-and-PIN credit cards has resulted over 90% decline in point-of-sale (PoS) malware creation since 2014.
"It's pretty clear that the move to chip-and-PIN credit cards decreased PoS malware over the past couple of years," says Dmitriy Ayrapetov, executive director of product development at SonicWall.
"This is a dramatic drop compared to 2014, which was the high point of PoS malware, the time that top retailers like Target, Home Depot, and Staples were hit with massive data breaches," he further adds.
Ayrapetov however, says that cybercriminals go where the money is, and during the last year, ransomware has become a very profitable business.
A reality-check by SonicWall has revealed that ransomware is growing at 167 times year-over-year as its attacks have grown from 4 million in 2015 to a staggering 638 million in 2016. The study has found that ransomware was the payload of choice for malicious email campaigns and exploit kits
"With ransomware, attackers can hit both small and large businesses," Ayrapetov reveals, adding, "And it's a lot less risky, since the attackers get paid in bitcoins and don't have to use a credit card. Also, the emergence of ransomware-as-a-service has reduced the barrier to entry, so anybody can purchase ransomware-as-a-service now."
The SonicWall study also found that SSL/TLS traffic grew by 38% last year, partly due to the growth in cloud application adoption. But yet again, the increase in SSL/TLS traffic has created another flaw: an uninspected backdoor into the network that cybercriminals can potentially exploit.
"Companies now need to look inside the network and inspect and protect encrypted traffic," says Mike Spanbauer, vice president of security, test & advisory at NSS Networks, which had an early briefing on the SonicWall report.
"It's really not terribly difficult to make money spreading ransomware. You can now get service agreements. It’s really scary how accomplished a business model they have."