Over the years, ransomware attacks have evolved into prominent threats for organizations all around the globe. Cybercriminals are no longer amateurs; they have become specialized and sophisticated in their attacks, aiming to cause massive damage to victim companies. They have access to advanced distribution methods and innovative encryption techniques, making ransomware recovery and protection a fiercely complicated task, with ransom demands incessantly on the rise.
In the past few years, a number of catastrophic ransomware attacks have occurred that caused a great degree of havoc.
The Wannacrypt virus in May 2017 is undoubtedly regarded as the worst ransomware attack in history. Spreading like wildfire across 150 countries, this global cyber-attack infected almost 250,000 organizations in all sectors. The massive cyber extortion locked computers, encrypted users’ files, and held them hostage, demanding a huge ransom of $300 in Bitcoin to release the data. Its effects were so extensive that it hit not just large corporations but also government entities, hospitals, educational institutes, police stations, airports, and more, triggering huge losses. Even though most of the attacks were targeted at Russia, Ukraine, and Taiwan, it had devastating consequences in numerous other countries as well, including the U.K., China, and India. Many organizations today are still undergoing ransomware recovery, dealing with the disastrous effects of the catastrophe that struck them.
According to reports, however, Microsoft had released a security patch for the Wannacrypt malware a few months before the virus propagated, but many users had not installed it, leaving themselves highly vulnerable to the attack.
The cyber crooks used malicious spam emails to trick victims into opening malware attachments disguised as resumes, job offers, and invoices. Once users clicked on these attachments, the malware was downloaded onto the system, encrypting huge amounts of data and causing the virus to rapidly spread to other computers in the network.
In the UK, many hospitals under the National Health Service became victims of the cyber-attack. The assault halted the operations of hundreds of clinics and hospitals, giving rise to countless administrative and operational issues, with a risk of losing all patients’ data. The situation at the hospitals became so chaotic that people had to wait for hours for their appointments, surgeries were postponed, and in certain cases hospitals were forced to turn away ambulances.
The attack also caused massive disruptions in many parts of the world, affecting everything from gas stations in China to police departments in India. Furthermore, the business activities of many large corporations were also hindered, thereby impacting production and sales.
Renault, the automobile manufacturer, had to cease operations at its production sites to prevent the spread of the malware. Similarly, Hitachi also became a considerable target of the cyber-attack: its computer systems were disrupted, considerably affecting its email service and leaving it unable to send and receive emails.
Furthermore, Europe’s largest train operator, Deutsche Bahn, was considerably affected by the attack. The German train operator’s systems were disrupted, disabling ticket machines, while the digital schedule boards displayed ransom notes for ransomware removal rather than train departure and arrival times. The company had to incur huge costs to repair the system.
FedEx’s delivery service also became a victim of the attack, with the malware infecting its Windows-based systems and disrupting its operations. Many deliveries were postponed, and a great deal of inconvenience was caused to customers.
These are just a few names out of the hundreds of entities that faced disastrous consequences as a result of the attack. Ransomware recovery proved immensely difficult, and organizations suffered extreme monetary losses amounting to a total of approximately $4 billion. It undoubtedly was a very lucrative attack for cyber crooks, who were able to generate huge amounts of revenue.