Understanding Ransomware: A Brief Overview

Caleb Townsend
Staff Writer, United States Cybersecurity Magazine

Baltimore, Maryland; Atlanta, Georgia; and South Carolina are three of the areas that have recently grabbed headlines with reports of ransomware attacks. These attacks range from small hiccups during the business day to dispatch services and entire cities being shut down. Ransomware is a malicious form of software that uses encryption to lock people out of their own data. Since the inception of software, there have always been people looking to exploit others through encrypted attacks. This is done by creating a symmetric key that attaches itself to the data and prevents access until the victim pays a ransom. These ransoms are often in the form of cryptocurrency. Once you pay the ransom, the attacker creates a public key that anyone can access. The attacker modifies the encryption to include it, resulting in a cyber hostage situation.

History of ransomware

The first known ransomware attempt was in 1989, when Joseph Popp crafted an extortion scheme using malware called the AIDS Trojan, which was distributed on floppy disk through his postal mailing lists. The AIDS Trojan suffered from poor design and was easily removable, because the virus only scrambled the names of the files instead of the files' contents. Most computers were still usable, and people quickly made programs like AIDS_OUT to unlock the files.

These days, there is something that seems relatively innocent about a ransomware attack mailed via floppy disk and thwarted quickly. Something like the AIDS Trojan contrasts with the ever-heightening intensity and efficiency of the ransomware attacks that plague the modern cyber-world. The 2017 WannaCry attack, for example, affected over 150 countries. These attacks also targeted businesses like Honda and FedEx, and even the British National Health Service. Because of the BNHS attack, 16 hospitals had to turn away patients and cancel surgeries.

Steps to take against ransomware

Ransomware is an unfortunate reality of the modern computing world, and the ruthlessness and efficiency of these attacks show no signs of stopping. However, there are always steps you can take to minimize the risk of lost data and files held hostage. The first step, backed by the FBI, is to never pay the ransom. Paying will only set a precedent that ransomware is effective and worthwhile. You may be able to retrieve data using one of the many ransomware decryptors available online.

The better route of action, of course, is preparation. That way, if you find yourself in the middle of a ransomware attack, you have a larger pool of options. Back up all of your files in multiple forms. For example, try using a hard drive, a cloud system, or print copies. This is an important step in ensuring that even if your files undergo encryption, there are still ways to access them. Investing in cybersecurity programs and updating your systems and software are often reliable ways to protect your computer. Above all, educate yourself on the latest malware trends/tropes, and always exercise common sense. If a link, pop-up, or message seems suspect, it most likely is.
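
As an added illustration (not part of the original article), the Python sketch below records a hash of every file at backup time and later sorts files into intact, renamed only (contents survive, as with the AIDS Trojan's name scrambling), or needing a restore from backup. The function names, file names and sample data are constructed for this example.

```python
import hashlib
import os
import tempfile

def sha256_file(path):
    """Hash file contents in chunks so large files do not fill memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def build_manifest(root):
    """Map relative path -> content hash; keep the result with the backup."""
    manifest = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            manifest[os.path.relpath(full, root)] = sha256_file(full)
    return manifest

def triage(root, manifest):
    """Compare the live tree against the manifest taken at backup time."""
    current = build_manifest(root)
    live_hashes = set(current.values())
    report = {"intact": [], "renamed": [], "restore": []}
    for rel, digest in sorted(manifest.items()):
        if current.get(rel) == digest:
            report["intact"].append(rel)      # same name, same contents
        elif digest in live_hashes:
            report["renamed"].append(rel)     # contents survive under another name
        else:
            report["restore"].append(rel)     # contents gone: restore from backup
    return report

def demo():
    """Constructed sample: one file renamed, one overwritten after the backup."""
    files = {"notes.txt": b"meeting notes", "budget.csv": b"q1,q2\n1,2\n", "photo.raw": b"\x00pixels"}
    with tempfile.TemporaryDirectory() as root:
        for name, data in files.items():
            with open(os.path.join(root, name), "wb") as f:
                f.write(data)
        manifest = build_manifest(root)
        os.rename(os.path.join(root, "notes.txt"), os.path.join(root, "X7Q2.AAA"))
        with open(os.path.join(root, "budget.csv"), "wb") as f:
            f.write(os.urandom(64))   # stands in for encrypted contents
        return triage(root, manifest)

if __name__ == "__main__":
    print(demo())
```

The manifest is only trustworthy if it is stored with the backup, away from the machine it describes.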
