Ransomware is not new, but it still makes front-page news by crippling global enterprises and governments. By encrypting all or part of a computer or system, this malware often causes irreparable data loss, even if the owner pays the ransom. Cybersecurity professionals need to stay ahead of ransomware attacks. The first known ransomware attack was the 1989 AIDS Trojan [1], which targeted the healthcare industry.
While crudely distributed on 20,000 floppy disks, this ransomware attack did manage to infect major corporations, such as Palo Alto Networks. This white paper traces the evolution of ransomware attacks, the different ransomware gangs, and their modus operandi. It helps cyber professionals better understand ransomware from a business and technical perspective, as well as how they can prevent and handle an attack.
While ransomware has been around for nearly 30 years, the cadence of ransomware attacks is increasing, and the attacks are becoming more effective and more accessible, even to hackers with only a basic technical background.
The next evolution did not come until 2012, when the first major global ransomware infection occurred: the Reveton Worm, or Police Ransomware, so named because it used a fake FBI (U.S. Federal Bureau of Investigation) message as a disguise to lock the computer’s data and extort payment from those with infected computers.