Ransomware is a damn simple scheme to make money. Data is often considered one of the most important assets a business, healthcare provider, or individual can possess. The malware encrypts a computer user’s valuable data and demands a ransom, either payment or information, in exchange for a decryption key.
Ransomware is Not a New Threat.
In 1989, the AIDS Trojan stole data using basic symmetric encryption. The Trojan was distributed via floppy disks and demanded that computer users send money to a P.O. box in Panama to regain access to their data. Interestingly, the author of this ransomware promised to donate all ransom proceeds to fund AIDS research. Since then, ransomware has become much more common and sophisticated. According to the U.S. Department of Fairness, 2020 was the worst year for ransomware attacks. Below are four of the most significant ransomware attacks ever recorded.
WannaCry Ransomware
WannaCry was a complex and widespread ransomware attack believed to have originated in the Democratic People’s Republic of Korea. The DPRK has often sought illegal or semi-legal ways to revive its flagging economy. Drug trafficking, clandestine arms sales, and even printing counterfeit money have all provided the hermit kingdom with much-needed cash in the past. WannaCry symbolizes North Korea’s foray into the world of cybercrime. Thousands of organizations were hit by malware that encrypted files and demanded ransom payments in Bitcoin. In the United Kingdom, the National Health Service was severely damaged by WannaCry attacks.
RobbinHood Ransomware
In 2019, Baltimore, Maryland, was the victim of a particularly aggressive ransomware attack called RobbinHood. The criminals behind RobbinHood encrypted highly sensitive financial and property data and demanded a hefty ransom. This caused chaos and ultimately cost the city an estimated $13.8 million.
Ryuk
Ryuk is another ransomware attack believed to be linked to the North Korean government. Specifically, the malware in the attack is connected to the mysterious Lazarus Group, a hacking organization with close ties to the North Korean intelligence services. Ryuk was an extremely clever attacker. It specifically targeted organizations that were under tight deadlines. It attacked the LA Times and then several water boards, because organizations rushing to meet deadlines were likelier to admit defeat and pay the ransom for their valuable data.
Sodinokibi
The Sodinokibi group targeted money transfer agencies, stealing and encrypting highly sensitive customer data. By demanding a ransom of $6 million in exchange for access to encrypted data, the hackers created a significant problem in 2020. Employees of Travelex, a primary money transfer service, went back to working with pen and paper while their systems were compromised. Many banks rely on travel exchange services to make international money transfers for their customers, so this attack had a huge impact.