Ransomware attacks are among the most terrifying cybercrimes to fall victim to. They directly target something you or your business hold dear – customer data, scandalous information, trade secrets and all sorts of files. It is called ransomware for a reason: your data is held by the attacker until you agree to pay a ransom. The data being ransomed doesn’t even have to be real. There are multiple examples of ransomware threatening a user with the release of damaging information that the user knows is false, but can’t do anything about. Ransomware is scary stuff. Here are two of the most audacious ransomware scams ever pulled off.
CryptoLocker was ransomware that used a Trojan horse to infect thousands of computers in 2013. It was estimated that around $3 million was extorted from businesses and private users using CryptoLocker. While the malware itself was easy to remove, the encrypted files were almost impossible to unscramble without paying the ransom. The ransomware offered victims a private decryption key if they paid up using bitcoin or vouchers. According to researchers from the University of Kent, 41 percent of victims decided to pay the ransom. This is a very high percentage, and may be explained by just how hard it was to regain access to encrypted files without paying.
It is a good idea to invest in decent ransomware prevention if you are working on improving business security. Although the majority of businesses affected by ransomware don’t end up paying the ransoms asked for, they do spend a great deal of money re-securing their networks, eliminating worms and restoring all of their data. Don’t take the risk!
WannaCry is a good example of what can happen when a nation state gives its support to a cybercrime operation. The Democratic People’s Republic of Korea is governed by an isolated and autocratic regime. As a result, it is very hard for the government of the DPRK to acquire the amount of currency necessary to run a country (or line the leaders’ pockets, depending on who you believe). Because of how difficult it has proven for North Korea to raise funds legitimately, its government has turned to crime. As well as smuggling drugs, selling guns and printing fake money, the DPRK was quick to adopt cybercrime as a way of earning quick cash.
WannaCry was the crowning glory of North Korea’s cybercriminal efforts. This ransomware worm would encrypt all of the files on a computer – making them completely inaccessible to the user. It would then display an ominous red message demanding $300 in bitcoin for the return of the files. Interestingly, the worst affected organizations were hospitals. The British National Health Service ended up having to pay 92 million pounds in security and backup costs after thousands of its computers were compromised.
WannaCry was eventually tracked back to a shadowy hacking unit called the Lazarus Group, which has links to North Korean agents and has also orchestrated attacks on South Korean industry and banks. The worm has now largely been patched out of existence, but not before it infected millions of computers.