Ransomware is a relatively new phenomenon in the field of cybercrime, but it has left a trail of devastated victims in a short time. It works by locking computer files so that they can’t be accessed by the user. It’s a kidnap scenario. The target then receives a message instructing them how to pay a ransom to regain access. It’s an exceptionally clever and extremely damaging type of malware that can create havoc for anyone who falls foul of it.

Beginnings

It might surprise you to know that ransomware wasn’t made with evil intent. It was created in 1986, when two brothers in Pakistan, Amjad and Basit Alvi, developed a new software program that could identify piracy attempts and enhance computer protection.

Early Evolution

This computer code was then seized upon by cybercriminals who modified it so that files could be locked. Victims received a floppy disk falsely purporting to be an ‘AIDS Information Introductory Diskette’. In fact, it contained a virus known as the PC Cyborg/AIDS virus. When the user installed the software from the floppy disk, the files on the hard drive were locked and hidden, and a message ordered them to pay $189 to a P.O. Box located in Panama. This would supposedly allow them to renew the license for the software. It was, of course, a huge con.

Ransomware Revived

Everything went quiet for almost twenty years. It reappeared in 2006 as a Trojan horse virus, which could encrypt files with widely used file extensions (.doc, .jpg, .xls, .html and .zip are some examples). This version was known as GPCoder or PGPCoder. Again, targets received a message telling them to pay if the wanted the files to be decrypted so they could regain access.

This was a pivotal development, because new strains of the virus began to emerge. File encryption was refined, so that hackers could use the malware more easily, and in new ways, and better conceal themselves. Hackers soon began to use innovative ways to deploy it, with a rise in ransomware attacks.

Ransomware Now

The next step in the development of ransomware dates to September 2013. This version was known as CryptoLocker, and it was delivered as an attachment to an email that was carefully crafted to look harmless. Often the message purported to come from a real and trusted business or organization. It required the user to open an attachment that looked like an innocent .pdf file. In fact it contained a .zip file with an executable file within. This would install itself and alter the computer registry by adding a security key. The hacker could then access the user profile and encrypt the target files.

There have been several versions of Cryptolocker, but they all work similarly. Cybersecurity experts have worked tirelessly to combat this and similar software, but ransomware attacks have become more and more common.

Prevention of Ransomware Attacks

Although much effort has been put into preventing ransomware attacks, people are still succumbing to them. The good news is that there are ways to protect yourself. Sophisticated cybersecurity solutions are available and are a key weapon in the fight against cybercrime. Everyone should take advantage of antivirus solutions and spam-blocking software. Everyone should be extremely cautious about downloading email attachments, even if the email seems to come from a reputable sender.

If data is locked and inaccessible, the consequences for a business can be disastrous. One way to ensure access is maintained is by conducting regular, comprehensive backups, with the data stored on a separate system or in the cloud. This should limit the downtime that a ransomware attack can cause. However, hackers also have a new strategy, which is to publish the hijacked data online. Clearly, this can also be hugely damaging. All businesses should take steps to make sure that ransomware attacks don’t happen in the first place, because prevention is always better than cure.

At Quikteks, we are dedicated to boosting your IT security and your organization’s productivity. We can help to protect you against malware attacks that could derail your operations. To find out more about how we can help you, call us today at 973882-4644.

,