Cyber theft is becoming very common. What is an example of a ransomware attack?
What Is an Example of a Ransomware Attack?
A ransomware attack is an attack in which the attacker blocks access to a computer system by hackers. Usually, through the use of a Trojan horse, hackers encrypt the files and demand a ransom to be paid to decrypt them. Ransomware has been around since 1989 but became popular in 2005 when CryptoLocker was released.
It was a huge success for the attackers, who made millions of dollars from unsuspecting users. This is before the US and UK authorities were able to shut down the malware’s operation. A few years later, CryptoWall was released with many improvements and became much more successful than its predecessor.
CryptoWall was more sophisticated because it was able to detect security software and avoided it. This includes encrypting and locking files on disk drives it infected. When it detected that it was running in a virtual environment, it went into “sleep” mode to evade detection by system administrators or anti-virus software.
Spreading Like Wildfire
In 2015, CryptXXX appeared that used stronger encryption that could not be broken by even NSA supercomputers. In 2016, Petya ransomware began spreading worldwide and attacked many companies across the globe. This includes shipping giant Maersk and the advertising agency WPP.
Soon after, NotPetya appeared using some of the same techniques as Petya but with additional methods added. In May 2017, WannaCry ransomware leaked from the National Security Agency (NSA) causing havoc across Europe with victims. This includes Nissan Motors UK Ltd., Telefónica Germany GmbH & Co OHG, Deutsche Bahn AG and FedEx Corp.
In June 2017, another version of Petya called GoldenEye causes massive disruption around Ukraine and quickly spreads across multiple countries with high-impact companies. This includes Merck KGaA Hueck & Co GmbH, Cadbury Schweppes Plc., Rosneft Oil Company PJSC, and A.P Moller-Maersk Group A/S among many others. NotPetya is also known as Nyetya or ExPetr amongst other names globally.
But it is all based on the Petya codebase making it one of the most widespread cyberattacks in history. This affected more than 60 companies worldwide through hundreds of thousands of attacks in over 65 countries with estimated damages of over $10 billion.
How Does It Work?
While ransomware is growing in popularity, it’s still not very common. The majority of the attacks are targeted at businesses in the healthcare sector. Also, the US is still the most targeted country, but the highest number of attacks takes place in Russia, Germany, Ukraine, and France.
Ransomware attacks are carried out by a variety of different methods. Depending on how an attack has been initiated, there are different ways to prevent it from being successful. Some attacks occur when users click on malicious links in emails or download attachments that have been sent to them via email.
This is an obvious security breach that can be prevented by simply not opening suspicious emails or attachments. Another method used by attackers is sending fake emails stating that you have outstanding invoices and other documents to review and approve. Attackers will send a link to a seemingly legitimate site where you can view the document.