In the early days of computing technology, malware was often created out of curiosity, to test the limits of code and probe security weaknesses. However, even as early as the 1980s, malicious hackers saw opportunities to extort money by creating ransomware.
Brief history of ransomware
The first known ransomware virus, named the AIDS Trojan, hid inside 20,000 floppy disks that were distributed to medical scholars. The malware counted the number of times the user booted the computer. After the count hit 90, the malware encrypted all existing data and demanded that a ransom be paid to a physical address.
The creator of the AIDS Trojan never fully profited from his ransomware, but the incident spurred decades of increasingly powerful ransomware development. Because the data on each computer is encrypted uniquely, no two infections are the same; no single antidote can decrypt all computers in the same network.
Even so, cybercriminals execute these attacks in a similar pattern: 1) the malware must first enter a system via human interaction, 2) it lies undetected inside the system for a certain period, 3) it activates, encrypts data, and demands a ransom, 4) payment must be sent to an anonymous address in order to decrypt the data on the machine.
Prevention, Detection, and Continuity
Without advanced security protocols, organizations can only hope that their members do not fall prey to unintentionally downloading malware. Even if members have been trained to be wary of the cybersecurity risks their actions create, the whole IT infrastructure must remain up to date to prevent malware from targeting unpatched OS weaknesses, as in the case of the WannaCry virus.
It is not enough to hope. Hackers continue to look for ways to sabotage organizations (mostly in the government, technology, and medical sectors) and enjoy millions of dollars in ransom. The best way to defend against ransomware is proactive security.
Cybersecurity firm Xynexis strives to be many steps ahead of cybercriminals. We employ ethical Penetration Testing to identify security holes and assess risk levels of databases and end-point devices. We help organizations uncover digital footprints to detect hacking and fraud attempts, as well as hidden malware that can be removed before it is too late.
In addition, we offer support for Business Continuity and Disaster Recovery to anticipate the worst-case scenario in which digital assets are held for ransom. Learn more about our services to protect your organization.