What is ransomware?
In its simplest form, ransomware is a kidnapper that holds your data hostage. When you’re being attacked with ransomware, your data will be encrypted, and unless you have a recent backup, you could be in trouble. The attack is carried out in various ways – it could be from a link you click in an email you receive, or it could infect some of your files.
The attacker expects you to pay a ransom for them to release your files, and the payment is usually done in untraceable cryptocurrencies. This way, you have very little to go on if you try to identify the attacker, which is their goal.
Back in the day, browser cookies were basically used as ransomware. Websites would tell you that they wouldn’t let you access their content unless they could store cookies on your system, which is basically how it works now, too. Today’s ransomware, though, is a lot more complex.
Here are a few big examples of ransomware that you might have heard of. We encourage you to research them further in order to get a better understanding of the scope of the problem.
Notable Ransomware Examples
One of the first of its kind, CryptoLocker used Trojan horse malware to access files on a system and encrypt them. Cybercriminals relied heavily on social engineering to get users to download the ransomware, after which it would strip users of all their data and show them how much they had to pay for their data to be released. It’s estimated that the attackers got around three million dollars before it was taken down.
Initially discovered in 2016, the Petya family of ransomware attacks Windows systems. It infects their master boot record in order to encrypt the files of a user’s hard drive, and displays a message that shows you how to pay the ransom and get your files back.
Arguably one of the best-known cases, WannaCry managed to infect over 230 thousand systems in less than a day. This is thanks to the nature of the software, which allows it to duplicate itself without affecting any files, but it can only target outdated Windows versions that don’t have the EternalBlue vulnerability patched. This is one of the main reasons why you need a cloud security management provider to make sure everything is patched and up to date!
Cerber is a great example of how complex ransomware is and how quickly it grows. It is basically a SaaS solution – anyone can use it, provided they give 40% of their profits to the distributors. The ransomware itself is usually distributed with phishing tactics, and once encryption is complete, you’re met with payment instructions.