Nowadays, it’s hard to escape ransomware news with banks, oil pipelines, hospitals, and even police departments suffering from attacks. But what is ransomware? And what are some unique ransomware attacks in the history of computing?
Let’s start with a ransomware definition for people interested in cybersecurity news about viruses and other malware. In a nutshell, ransomware is a type of malware that holds your computer, network, or data hostage. Extortionists usually use ransomware to ask for payment in bitcoin; however, all is not always as it seems with a ransomware attack. Here are some unique ransomware threats that you may find interesting:
#1 WannaCry
The WannaCry ransomware attack was one of the worst in history, causing $4 billion in losses worldwide. It spread rapidly in 2017, impacting all types of organizations, including those providing critical services. For example, the NHS (National Health Service) in England had no choice but to cancel services, admissions, appointments, and more due to the attack.
What made WannaCry unique was that it was a state-sponsored attack. The US and UK governments held North Korea responsible. The US even tracked down the hacker, charging him a year later.
#2 Petya
Although Petya wasn’t prolific, it was unique — it infected a computer’s master boot record to stop Windows from loading but did not encrypt files like regular ransomware. Petya also asked victims for administrative permissions. Later, researchers found a variant of Petya that could also encrypt files and did not need administrative access from a user.
Petya used a typical ransomware attack vector to spread: phishing. Petya arrived in a Trojan horse file disguised as a job opportunity email. Many young computer users looking for jobs were trapped by Petya’s social engineering infection vectors.
#3 NotPetya
Experts say that NotPetya was a cyberweapon based on Petya’s code. WhileNotPetya hit the United States, United Kingdom, France, and other countries, its primary target was Ukraine. NotPetya struck many Ukrainian industries, including transport, financial, and others.
It was unique because it caused over $10 billion in damages globally and, unlike Petya, spread on its own. In addition, NotPetya victims couldn’t get their data back even after paying the attackers, which made experts believe that goal behind the encryption malware wasn’t monetary gain but to spread chaos.
#4 DarkSide
If you’ve seen ransomware attacks making headlines recently, the culprit could be DarkSide. While this ransomware strain is new, it’s become extremely popular with extortionists because it helps them target high-value organizations with precision. The ransomware can encrypt data, rendering computers unusable. It can also steal data, allowing threat actors to blackmail organizations.
One of the most high-profile victims of DarkSide was the Colonial Pipeline. In 2021, the American oil system’s computerized network was hijacked, resulting in disruption. Thanks to the crippling nature of the attack, there were local fuel shortages, and prices rose.
Colonial Pipeline paid hackers $5 million in bitcoin ransom just a day after the cyberattack for fast operational recovery. Interestingly, the FBI recovered a significant percentage of the money from the hackers.
Regardless of the type of ransomware, you can mitigate your risk by using strong passwords, changing login credentials regularly, and looking out for malicious emails that may be hiding ransomware. Additionally, scan your system often with anti-malware tools.
Read Also: