Although there is no proper documented evidence about the first ransomware attack, it is often mentioned that a hospital in 1989 was targeted by the virus and till date, the health industry is the topmost target in the ransomware world. In 1989, an AIDS researcher, Joseph Popp had distributed about 20000 floppy discs to aids’ patients claiming that if they answered the questionnaire at home, the program would be able to detect if that person had aids or not. The floppy disk transported the Trojan virus into the system and on the 90th time the computer was started, it demanded an amount of about $189 to remove the virus from the system.
It is believed that initially, the attackers had their own encryption codes, but as time has progressed they now rely on off the shelf ransomware software which uses more sophisticated technology and aren’t easy to crack down. Moreover, attackers now prefer software which does not accompany an email to enter a system, they prefer phishing campaigns over phishing emails.
With the rise in demand for malware, new and more advanced malware has been launched in the market to target more and more consumers. There is some new software like Cryptolocker, Cryptowall, Locky, and Teslacrypt which have taken the industry by storm. The revenues generated by just one of these go up to $200 million.
Although between 1989 to the early 2000s we do not see a lot of prominent activity in the ransomware world, later it developed and became a nuisance for many industries. In 2011, a worm was discovered in many desktop computers which demanded the windows users reinstall their windows to avoid losing any data. Keeping in mind the pace of technology, we can see how it has risen with the rise in technology all around us. Whether it was Cryptowall or Teslacrypt, they have been making high profits which go up to about $18 million in extortion. The malicious malware has targeted about more than hundreds of people who have paid some money to restore their data.
In the United States alone, hospitals have been reported to have paid thousands of dollars just to restore their systems after days of blockage from the attacker. Attackers only give back access to the files or data if people pay them the requested amount or else they end up losing it all.
It doesn’t really matter where it all started, what matters is how will we deal with it now? Although there’s a lot of awareness about this type of extortion and people aren’t paying up front. But we still need more powerful and efficient security systems that will not get victimized by the malware easily. Till then we can only rely on the available antivirus software and be more aware of what is entering our systems by being vigilant.