Press Releases

Increasingly Savvy Cyber Criminals Targeted Personal Information in 2015, Says New Report By SurfWatch Labs

Evolution in cyber criminals' ability to monetize personal information rose significantly last year across all industries

March 17, 2016 – Sterling, VA – Cybercriminals shifted their targets over the past year from focusing on credit card information at financial institutions to increasingly steal personal information across a swath of industries, according to a new report released today by SurfWatch Labs, a cyber threat intelligence provider. Attack methods also evolved in 2015 with more of a focus on DDoS extortion and ransomware.

"Last year, cybercriminals branched out looking for any personal information they could find, beyond financial institutions or retailers that hold the prized credit card information," said Adam Meyer, chief security strategist, SurfWatch Labs. "That information is then used to build individual victim profiles which can then be sold or used to extort the victim."

The theft of non-financial customer data can have serious consequences for organizations, including the loss of customer confidence and costly litigation. "Business should view their security strategy from a business resilience perspective, protecting information to not only help prevent breaches from occurring but to also put themselves on more solid footing in the event of litigation. In addition, the increase in loss that we are seeing with the extortion extravaganza points to the need to modify their incident and breach response plans to include procedures for dealing with possible cyber extortion," Meyer said.

SurfWatch Labs collected cyber event activity from thousands of different open and Dark Web sources and then categorized, normalized and measured the data for impact based on their CyberFact information model. Highlights from the SurfWatch Labs Cyber Risk Report: Year in Review include:

  • Rise in personal information theft - In the third quarter of 2014, only one in 10 CyberFacts were tied to personal information; by the third quarter of 2015 that number had risen to more than one in three.
  • Extortion extravaganza – Ransomware, blackmail and extortion were all common events in 2015; cybercriminals learned from each other the easiest path to monetizing their illegal activities was to demand money directly from their victims.
  • Cybercrime-as-services closed the skills gap – Minimal computer skills are no longer a barrier to entry for cyber criminals; there are plenty of bad guys willing to sell their skills.
  • Hotels dominated PoS breaches – While PoS breaches hit retail hard in 2014, during the second half of 2015 there was a noticeable rise in stolen financial information driven by PoS breaches at numerous hotel chains.

If extorting victims is the simplest and most direct path to monetizing cybercrime activities, DDoS threats are perhaps the least labor-intensive attack vector. Packaged DDoS attacks can be purchased on the Dark Web and this happened regularly in 2015. Ransomware creators were also busy updating their malware with new features that improve their conversion rates and generate more money. Organizations are well served to address both of these issues in 2016, the report said.

"By carefully studying the targets and tactics of cybercriminals in 2015, we can precisely define what attackers were focused on and how that differs from the year before," said Tim Layton, Chief Intelligence Officer, SurfWatch Labs. "More importantly though, that information allows us to make better informed forecasts of how cybercrime will impact organizations going forward and therefore what should be done to more effectively reduce risk."

To read the full, complimentary report, visit

About SurfWatch Labs

SurfWatch Labs helps organizations and service providers quickly establish a strategic cyber threat intelligence operation that drives more effective use of their tactical defenses. Founded in 2013 by former US Government intelligence analysts, SurfWatch Labs solutions provide a 360-degree view of cyber threats in the context of your business, along with practical and personalized support to create immediate insights and meaningful action. Combining useful analytics, applications and human expertise, SurfWatch solutions can be your off-the-shelf, cyber threat intelligence team or delivered as a comprehensive product suite that easily integrates with your existing cybersecurity operations.

SurfWatch Labs: Cyber In Sight. For more information, visit

Online Resources: