When you hear the word “malware,” what is your first thought? Probably something along the lines of a complicated computer virus, something that you don’t want. Malware is short for “malicious software” and includes several different types of cyber-attacks. Today, I’d like to focus specifically on a kind of malware called ransomware and go over everything about it, so you know exactly what kinds of cyber weapons your organization is up against.
To start this off, ransomware does what its name suggests: it holds your data for ransom. Ransomware gets on your system and prevents you from accessing either your system or your data. It will lock your screen or scramble your files so that you can see that they are there, but they will be unavailable to you. The ransomware will then threaten to delete all your data unless you pay a ransom, usually in Bitcoin, Ethereum, or some other kind of cryptocurrency that allows anonymous payments in order to protect the identity of the attackers.
But how did this all start? Ransomware has been around for decades now. The first widespread ransomware attack happened in 1989 on DOS operating systems. It was called the AIDS Trojan, and after locking you out of your files, it would display instructions for paying to get access back, which were to physically mail 189 USD to a PO box in Panama owned by a company called the PC Cyborg Corporation. It’s shocking to see just how far back these attacks go, and now they have exploded in popularity among cybercriminals. This is due to modern-day technologies such as cryptocurrency and the latest encryption algorithms. Some notorious attacks in recent years are CryptoLocker, which stole a total of 27 million dollars from victims, and CryptoWall, which stole 18 million dollars. Finally, in 2017, there were the notorious WannaCry and NotPetya attacks. I’ve written about NotPetya specifically before, so I encourage you to read about all the details in my other posts while waiting for the next post in this series! I’ll discuss more next week about common victims of ransomware attacks.