(Bloomberg) – Cyberattacks involving ransomware — inwhich criminals use malicious software to encrypt a users' data andthen extort money to unencrypt it — increased 50 percentin 2016, according to a report from Verizon Communications Inc.

And criminals increasingly shifted from going after individualconsumers to attacking vulnerable organizations andbusinesses, the report said. Government organizations were themost frequent target of these ransomware attacks, followed byhealth-care businesses and financial services, according to datafrom security company McAfee Inc., which partnered with Verizon onthe report published Thursday.

Instances of ransomware attacks have grown along with the marketfor bitcoin, the digital currency that is most commonly howcybercriminals demand ransoms be paid because of its anonymity.

Malware raids with phishing email

While overall most malware was delivered through infectedwebsites, increasingly criminals were turning to phishing— using fraudulent emails designed to get a user todownload attachments or click on links to websites that areinfected with malware — to carry out attacks. A fifth ofall malware raids began with a phishing email in 2016, while fewerthan 1 in 10 did the year before, according to the report.

"These emails are often targeted at specific job functions, suchas HR and accounting — whose employees are most likely toopen attachments or click on links — or even specificindividuals," the report said.

Verizon is currently in the process of acquiring Yahoo! Inc.'sinternet properties at a $350 million discount after revelations ofsecurity breaches at the web company. Yahoo said in December thatthieves in 2013 stole information from 500 million customeraccounts, from email addresses to scrambled account passwords. Sucha data cache may allow criminals to go after more sensitivepersonal information elsewhere online.

Criminal gangs

Whereas in the past most ransomware simply encrypted the data onthe device where it was first opened, Marc Spitler, a Verizonsecurity researcher, said criminal gangs were increasingly usingmore sophisticated hacking techniques, seeking out businesscritical systems and encrypting entire data servers. "There isincreased sophisticated surveillance and targeting of organizationsto maximize profit," he said in an interview.

Criminal gangs were behind the majority of all cybersecuritybreaches, Verizon said, with financial services firms the mostcommon victims, accounting for about a quarter of all attacks.

Espionage also on the rise

But espionage — whether that was by foreign governmentsor unknown entities — was on the rise, Verizon said,accounting for 21 percent of all breaches in 2016 up from less than10 percent in 2010. Besides governments, manufacturing firms werethe most likely to be targeted in espionage-motivated attacks, thereport said. There has also been a surge in espionage-relatedbreaches targeting universities and other educational institutions,spiking from almost none in 2012 to more than 20 percent last year,it said.

Related: 3 wise cybersecurity solutions for2017

The Verizon report, which is published annually, draws on thecompany's own data from breaches its security consultants haveresponded to and data contributed by 65 partner organizations,including the U.S. Secret Service. NTT Security, a unit of Japan'sNippon Telegraph and Telephone Corp., released a report earlierthis week that showed results similar to Verizon's findings.