If you have heard the term ransomware and are not sure of what it means then please read on. According to Webster’s dictionary, ransomware is when a hacker uses illegal software to encrypt key files and hard drives of a company computer, locks out the owners from their computer, then demands a ransom to unlock the computer. Additionally, hackers may also demand bitcoin as a form of payment. Once payment is made or the hackers are caught a decryption key is obtained to unlock the infected computer. However, authorities have had several infamous hackers arrested and imprisoned.
More Recent Large Scale Ransomware Attacks
In 2019 there have been several ransomware attacks worldwide. For example the “Bad Rabbit” ransomware follows in the footsteps of the larger “Wanna Cry” and “NotPetya” malicious codes and primarily affects institutions in Russia and Eastern Europe. Specifically, the unsuspecting user download an adobe file to his or her computer and the infection then locks the computer for a ransom of $280 in Bitcoin. Additionally, the victims have a 40-hour deadline to pay the ransom or lose their files.
Another worldwide (except post Soviet countries)ransomware is called Cerber which is similar to “Bad Rabbit”, but is a type of ransomware as a service (Raas). Unlike other ransomware, cyber criminals can purchase Cerber in exchange for 40 percent of the profits. Specifically, the ransomware is unleashed from Office 365 file attachment. After encryption ransom notes are posted in the infected computer. However, you can purchase a Cerber decryptor, the Trend Micro ransomware file decryptor tomillol, from Trend Micro company. Back in 2017, Cerber caused about 26% of all ransomware attacks.
Other examples of recent large attacking ransomware include Dharma, GandCrab, Jigsaw, Katyusha, LockerGoga, PewCrypt, Ryuk, and SamSam. Likewise, many of these ransomware have produced millions in Bitcoin payments and have no free decryption keys to date. Another malignant aspect of these malware is that they are improved upon and avoid detection with advanced military grade encryption technologies until released into the networks. As a result, enterprises, cities, and individuals have had to pay millions or lose their important information or privacy.
Largest Attacks of All Time
Similar to the previous ransomware attacks, the following attacks are large scale and have affected millions of users before a decryption key is developed or forced from the hacker. Listed are 5 of the largest ransomware attacks.
TeslaCrypt – This monster ransomware cleverly targets files associated with video games such as maps, saved games, and so on. Since these files are unlikely to be cloud based or saved to external file storage, they are mostly stored locally. So, by 2016 the TeslaCrypt ransomware had made up to 48 percent of ransomware attacks.
SimpleLocker – Similar to the TeslaCrypt in that the ransomware targets local files, but the targeted files are located on Android mobile devices. The malware uses a trojan downloader to encrypt mobile files. Simplelocker was originally from Eastern Europe but targeted 3/4 of its victims in the US
WannaCry – Another one of the largest global attacks which shut down hospitals in the Ukraine and radio stations in California occurred in mid 2017. By May Avast detected 250,000 detection in over 116 countries. Specifically, WannaCry exploited Microsoft’s server message block protocol (SMB) and it’s creators are still unknown.
NotPetYa – Likewise, NotPetya used the EternalBlue package to spread across the world and it’s creators are unknown.
SamSam – And yet, another high profile ransomware, that took down the Colorado Department of Transportation, the City of Atlanta, and numerous health care organizations. The United States Department of Justice indicted two Iranians were behind the attacks
To Catch a Cyber Criminal
Not only have hackers been indicted, but they also have been arrested for cyber criminal activity. However, before arrests can be made the cyber criminals need to be caught. Since cyber hacking is a global crime, several law enforcement organizations coordinate their efforts to catch hackers. Usually a combination of government agencies, international partners, and private corporations work together to hunt down their hackers.
One example of a hacker arrested is the Lurk group from Russia where local police raided a suspected hacker’s computer equipment and software. Similarly, Karim Baratov, a Canadian hacker, is awaiting trial for illegal cyber hacking. Another example, of an infamous hacker arrested is Ercan Findikoglu who is serving an 8 year US prison term. He targeted ATMs and caused a loss of $55 million.
In conclusion ransomware is a permanent fact of the worldwide Internet causing individuals and organizations to lose millions of dollars per year. One of the best ways to protect data from hackers is offline storage backup of your critical files and hard drives.