To πρώτο ransomware που έχει καταγραφεί, ήταν το 1989 με το AIDS Trojan. Ήταν επίσης γνωστό και σαν PS Cyborg. Ο βιολόγος Joseph L. Popp από το Harvard, φέρεται να έστειλε 20,000 μολυσμένες δισκέτες με τίτλο “AIDS Information – Introductory Diskettes” στους συμμετέχοντες στο συνέδριο World Health Organization's international AIDS conference.
After a few (90) reboots, the Trojan hid directories and encrypted filenames on computers. To re-access victims' files, they had to send $ 189 to PC Cyborg Corp. at a Panama Post Office. Dr. Popp was arrested but never tried for unaccounted for reasons. His lawyer said he started wearing a cardboard box like a hat to protect himself from radiation….
Ransomware has been around for over a decade, but in recent years it has become a real problem. In his early days, the victims were mostly home users, who made an "unlucky" click on a fake attachment that came with an email.
Soon after, they would find their computer locked, along with their files and family photos. However, in the last couple of years, the focus has shifted to businesses, which have more computers, more data for encryption and of course deeper pockets to pay the ransom.
But now that the National Cyber Security Center in the UK has described the WannaCry attack as "global coordinated ransomware attack”In thousands of private and public organizations in dozens of countries, we can understand that the ransomware took a step - below. It has become a threat to nations and not just individuals and businesses.
What makes the ransomware so effective is that it targets what's really important: the data. Whether it's wedding photos or company invoices, malicious software may lack finesse, but it encrypts everything it can find.
Η εξέλιξη αυτή δεν έχει περάσει απαρατήρητη: τόσο ο πρώην επικεφαλής της NSA ναύαρχoς Michael Rogers όσο και ο Αμερικάνος διευθυντής της National Intelligence κ. Dan Coats ανέφεραν τους κινδύνους των ransomware σε πρόσφατες ομιλίες στις επιτροπές της Γερουσίας των USA.
Of course none of them expected the immediate confirmation of their speeches that came true with WannaCry's global assault last week.
Rogers warned that in the past year the US has received increased ransomware attacks on individuals and businesses. Although these attacks are typically considered standardized issues for the FBI, Rogers reported that ransomware attacks are something that could cause damage to military infrastructure (PDF).
The irony: The WannaCry ransomware was so powerful because of the NSA exploit that it leaked when Rogers was in charge. This reflects the complex set of factors that underpin WannaCry effectiveness.
The evaluation of threats worldwide (PDF) submitted by Coats to the committee also showed that ransomware has become a highly popular blackmail tool, noting that criminals who spread the ransomware have turned to the medical field.
Running 50 with different variants of ransomware, and as WannaCry shows, it's relatively easy to add new features that can make any malware even more powerful. In this case, what made it so effective was the ability of malware to spread from computer to computer without user intervention.
Some Companies security but also Authorities are trying to build defenses, making it easier to remove ransomware – for example, the initiative No More Ransom which hosts a set of tools that can unlock the encrypted data of victims without having to pay ransom.
But the difficulty is in finding and persecuting those behind the ransomware attacks. The ease with which they can now be attacked globally means that ransomware can be comfortable in the foreseeable future.