Ransomware is devilishly simple as a money-making scheme. Data is often considered one of the most important assets that a business, health care provider or individual can own. Ransomware works by encrypting the precious data of a computer user and quite literally holding it to ransom: demanding payment or information in return for a decryption key.
Ransomware is not a new threat.
In 1989, the AIDS trojan held data to ransom using basic symmetric encryption. The trojan was spread via floppy disk and required computer users to send money to a PO box in Panama in order to regain access to their data. Interestingly, the author of this ransomware promised to use all of the profits from ransom payments to fund AIDS research. Since then, ransomware has become far more widespread and sophisticated. According to the US Department of Justice, 2020 was the worst year on record for ransomware attacks. Here are four of the worst ransomware attacks ever recorded.
WannaCry was a wide-ranging and complex ransomware attack believed to have emanated from the Democratic People’s Republic of Korea. The DPRK has often sought out illegal or semi-legal ways of bolstering its flagging economy. Drug running, under-the-counter weapons sales, and even counterfeit money printing have brought much-needed cash into the hermit kingdom in the past. WannaCry symbolizes North Korea’s move into the cybercrime world. Thousands of organizations were affected by the malware, which encrypted files and asked for a ransom in bitcoin. In the United Kingdom, the National Health Service was badly hit by WannaCry attacks.
In 2019, the city of Baltimore, Maryland, was struck by an especially aggressive ransomware attack known as RobbinHood. The criminals behind RobbinHood encrypted extremely sensitive financial and property data and requested a very large series of ransom payments. Ultimately, this caused havoc in the city – eventually costing the city around 13.8 million dollars.
Ryuk is another ransomware attack that is thought to have ties to the North Korean government. More specifically, code from the malware used in the attack has been linked with the shadowy Lazarus Group – a hacking organization closely tied to DPRK spy agencies. Ryuk was an extremely clever attack. It specifically targeted organizations that were up against tight deadlines. The LA Times and several water boards were targeted on the premise that organizations in a rush to meet deadlines would be more likely to concede defeat and pay a ransom for their precious data.
The Sodinokibi group attacked money transfer agencies, stealing and encrypting extremely sensitive customer data. Asking for a six-million-dollar ransom in return for access to the encrypted data, the hackers caused a huge headache in 2020. Employees working for Travelex, a major money transfer service, went back to working with pens and paper while their systems were being held hostage. Many banks rely upon travel exchange services to provide international money transfers to their customers, meaning this attack had a big knock-on effect.