• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
easy GDPR - we make compliance with GDPR easy

easyGDPR

We make implementing General Data Protection Regulation Easy

  • Home
  • Services
    • Software
      • easyGDPR Quickcheck
      • (DEP) easyGDPR lite
      • (DEP) easyGDPR Standard
      • Data Subject Requests
      • Sophos
    • IT Security
    • network checkup
    • SME digitization funding
    • Data protection consulting
      • Data protection
      • Cybersecurity
    • Training
      • Data protection
      • Cybersecurity
  • Partner
    • Resellerprogramm
    • Affiliate programm
  • GDPR
    • GDPR News
    • FAQ
    • GDPR Decisions
    • GDPR penalties
    • GDPR legal text
  • Shop
  • Contact
    • Contact
    • Newsletter registration
  • Login
    • Shop / Affiliate Program
    • easyGDPR Software
  • German
  • English

30 Years of Ransomware

19/06/2020 by Stefan Schindler

The threat of ransomware has never been greater. That’s why today we’re taking a look at the history of ransomware and the consequences for businesses, as well as what end users think about the issue.

The history of ransomware

One of the first ransomware attacks was the AIDS Trojan. This malware used floppy disks, which were also used by researchers to share results, to spread. However, this Trojan was relatively harmless. The user had to install it manually from the floppy disk and send a check to Panama for the decryption code. Due to the symmetric encryption used and the fact that only the file names were encrypted, security experts were also able to recover the data.

11 years later, the LoveBug virus in May 2000 proved the potential scale that these ransomware programs could reach. The creator of the LoveBug virus – a student in the Philippines – laid the foundation for a billion-dollar extortion industry. This ransomware harmed both private users and companies for the first time. In the end, over 45 million computers were infected and offline worldwide.

The AIDS Trojan and LoveBug inspired other extortionists who forced victims to buy keys or decryption software with GPCoder (2004) and Archievus (2006). Again, IT security experts were able to recover much of the data without purchasing keys.

The next generation of ransomware would not be so easy to defeat. CryptoLocker, CryptoDefense and CryptoLocker2.0, which were unleashed on the world in 2013, use novel methods for distribution and encryption. The ransomware was now spreading via infected email attachments and websites. Botnets now provide cybercriminals with direct access to infected systems. In addition, strong AES-256 encryption has now been used. This encryption now offered a major challenge for IT security experts. The Bitcoin payment method additionally obscured the routes and destinations for the ransom. As a result, it took a whole year before the botnet could finally be unmasked and largely deactivated.

The next development is probably known to most people: WannaCry. This ransomware finally exposed the potential of this type of malware in 2017. In just four days, more than 230,000 devices from over 150 countries were infected. Blackmail letters in 20 different languages were written.

Ransomware in the present

Malware has become extremely complex and spreads many times faster than before. The targets have mostly changed as well: instead of individuals, more and more companies and organizations are becoming targets, as they can pay much higher ransoms. According to coverware experts, hackers generate an average of $110,000 per case. Better phishing methods that enable more believable mails with malicious code make smaller companies a target as well. These often do not have sufficient backups. Larger companies, even with good backups and IT infrastructure, sometimes have to go offline for days to clean up all systems.

End-user expectations have also risen since the early days of ransomware. A survey by Veritas Technologies shows a clear picture. Although end users expect companies to stand up to hackers and not pay a ransom, they quickly change their attitude as soon as personal information is affected. In this case, a large proportion of end customers expect to pay an average of €1070/user. These amounts add up quickly and, in the case of recent attacks, amount to several hundred million euros. In addition, compensation and consequences for the company’s top management (in some cases even imprisonment!) are expected. And the damage to the company’s image in the event of a successful hack is enormous. 42% of respondents would no longer purchase from successfully hacked companies.

Protection against ransomware

You can protect yourself against ransomware. The most important means against ransomware are secure, offline stored or read-only and frequently created backups. This allows the system to be quickly reset to a clean state. But here you can do a lot wrong! Backups that are easily accessible from the network are often co-encrypted or deleted by viruses! A good firewall is also important. Next generation firewalls use intelligent algorithms to detect and stop attacks at an early stage. This is important because early detection of an attack does a lot to minimize damage.

Category iconCybersecurity,  News

Primary Sidebar

IT-Security Whitepaper Downloaden
  • German
  • English
  • Data Protection Statement
  • Terms and Conditions
  • Imprint
  • Licence terms for easyGDPR
  • GDPR terms
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking "Accept", you consent to the use of ALL the cookies.
SettingsAccept All
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Non Necessary

Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.

functionality

Diese Art von Cookies erhöht die Benutzerfreundlichkeit unserer Website. Beispielsweise wird darin die von Ihnen ausgewählte Sprache gespeichert. Auch die Verfügbarkeit von Videostreams und sonstigem Inhalt kann von diesen Cookies abhängig sein. Wenn Sie diese Cookies ablehnen, ist die Benutzerfreundlichkeit eingeschränkt.

Save & Accept