The first recorded ransomware was in 1989 with the AIDS Trojan. It was also known as PS Cyborg. Harvard biologist Joseph L. Popp allegedly sent 20,000 infected diskettes titled “AIDS Information – Introductory Diskettes” to participants at the World Health Organization's conference international AIDS conference.
After a few (90) reboots, the Trojan hid directories and encrypted filenames on computers. To re-acquire access victims in their files had to send $ 189 to PC Cyborg Corp. at a Panama Post Office. Dr. Popp was arrested but never tried for unaccounted for reasons. His lawyer said he started wearing a cardboard box like a hat to protect himself from radiation….
Ransomware has been around for over a decade, but in recent years it has become a real problem. In his early days, the victims were mostly home users, who made an "unlucky" click on a fake attachment that came with an email.
Immediately afterwards they found their computer locked together with their files and family photos. However, over the past two years, targeting has turned to businesses that have more computers, more encryption data, and of course deeper pockets to pay ransom.
But now that the UK's National Center for Cyber Security has described it attack WannaCry like “global coordinated ransomware attack”In thousands of private and public organizations in dozens of countries, we can understand that the ransomware took a step - below. It has become a threat to nations and not just individuals and businesses.
What makes the ransomware so effective is that it targets what's really important: the data. Whether it's wedding photos or company invoices, malicious software may lack finesse, but it encrypts everything it can find.
This development has not gone unnoticed: both former NSA chief Admiral Michael Rogers and US National Intelligence Director Dan Coats have reported the dangers of ransomware in recent US Senate committee talks.
Of course none of them expected the immediate confirmation of their speeches that came true with WannaCry's global assault last week.
Rogers warned that in the past year the US has received increased ransomware attacks on individuals and businesses. Although these attacks are typically considered standardized issues for the FBI, Rogers reported that ransomware attacks are something that could cause damage to military infrastructure (PDF).
The irony: The WannaCry ransomware was so powerful because of the NSA exploit that it leaked when Rogers was in charge. This reflects the complex set of factors that underpin WannaCry effectiveness.
The evaluation of threats worldwide (PDF) submitted by Coats to the committee also showed that ransomware has become a highly popular blackmail tool, noting that criminals who spread the ransomware have turned to the medical field.
Running 50 with different variants of ransomware, and as WannaCry shows, it's relatively easy to add new features that can make any malware even more powerful. In this case, what made it so effective was the ability of malware to spread from computer to computer without user intervention.
Some security companies and authorities are trying to build defenses, making it easier to remove ransomware - for example, the initiative No More Ransom which hosts a set of tools that can unlock the encrypted data of victims without having to pay ransom.
But the difficulty is in finding and persecuting those behind the ransomware attacks. The ease with which they can now be attacked globally means that ransomware can be comfortable in the foreseeable future.
