What Is Ransomware?

What is Ransomware

Ransomware is exactly what it sounds like. It’s a malicious software that holds your device hostage until you pay a certain amount of money. It’s like virtual kidnapping.

Ransomware Basics

Ransomware is a malicious software (also known as a virus) that holds your computer and all of its data hostage until a requested amount of money is paid by the hacker who downloaded the virus onto your computer.

A common example of today’s ransomware is an email that’s allegedly sent by reputable delivery organizations, such as UPS and FedEx. The email might say that you just missed a delivery, but the delivery person is still in your area. If you click on the link in the email, you can receive your package in a few hours.

Another common example is an email attachment. Most commonly, these attachments take the form of important documents, such as tax returns or energy bills.

Once you click the link or download the attachment, the ransomware encrypts your computer’s hard drive. This locks you out of all computer files, from music and photos to videos and password documents.

After the ransomware is encrypted, an urgent screen will usually appear. It threatens to destroy your computer’s hard drive until a certain amount of money is paid.

The History Of Ransomware

According to CNN Money, “The first known ransomware attack, dubbed AIDS Trojan, happened in 1989, according to Symantec. The payment demanded was $189 [by Harvard-trained Joseph Popp].”

The unsuccessful attack was launched at attendees of the World Health Organization’s AIDS Conference. The main weapon was symmetric cryptography, but deception tools quickly recovered file names.

In 2006, Archiveus Trojan captured everything in the My Documents section on personal computers. It required hacked users to make a purchase from specific websites and to obtain a password that de-crypted the files.

In 2011, the popularity of anonymous online payment methods, especially Bitcoin, made it easier for hackers to encrypt ransomware onto personal computers while remaining traceless. It was the first time that product-related Trojans went mainstream, meaning brand names would be used as decoys to make ransomware attacks seem like legitimate product offers.

The next year, a major ransomware Trojan known as Reveton spread throughout Europe. This ransomware attack claimed that the computer under attack was being used for illegal activities and, in order to unlock the encryption, the user had to pay a fine using an anonymous prepaid cash service.

In some cases, Reveton would use the computer’s webcam to make it seem like the user was being recorded.

Reveton made its way to the United States, claiming to require a $200 fine to the FBI using MoneyPak. This tactic was also with Sypeng and Koler, an Android-based ransomware that flashed a fake warning message from the FBI delivered by fake Adobe Flash updates.

In 2013, CryptoLocker was spread by downloads from a compromised website and/or sent to businesses in the form of customer complaints. The following year, sister viruses CryptoDefense and CryptoWall rapidly spread thanks to a coding defect in Windows. The latter netted about $325 million from hacked users.

In 2015, ransomware called LockerPin spread across the United States. It reset the pin on phones, locked users out of their devices, and demanded $500 to unlock the device.

The following year, multiple ransomware attacks ensued, including Ransom32, 7ev3n, LOcky, SamSam, KeRanger, Petya, Maktub, Jigsaw (based on the cinematic horror series), CryptXXX, and ZCryptor.

The most recent damaging attack was WannaCry in 2017. According to Computer Business Review, “200,000 networks in 150 countries were reached by the attack, [and] major organizations, including the National Health Service in the United Kingdom, were completely debilitated to a point at which it was thought human lives could have been endangered.

Types Of Ransomware

According to CSO, a news outlet for security and risk management, the following types of viruses have been consistent throughout ransomware history:

  • Crypto-ransomware encrypts files, folders, and hard drives as described above.
  • Locker-ransomware locks users out of only their devices, which is most often seen with Android-based ransomware.

Fortunately, there is a way to stop all of these cybercriminals. For more information about reliable service and protection for your device. Check out Cetrom’s webinar, Cloud Computing For CPAs: Things Your Firm Should Be Considering.