The evolution of ransomware: From floppy to email


When we hear about ransoming activities it usually involves a criminal group capturing or kidnapping someone who is then exchanged for a certain amount of money. Typically, we associate ransom with regions such as the Middle East or South America.

However, there is another form of ransom that is taking place over the internet and is not limited by geography. Ransomware is a threat to your personal identity that could end up costing you big time.

Unfortunately, cybercriminals are using this form of nefarious software more than ever before. According to a 2014 Symantec Internet Security Threat Report, ransomware activity skyrocketed by 500 per cent in 2013. 1

Furthermore, the attacks using ransomware can be lucrative. For instance, one of the newest examples, CryptoLocker, has forced 3 per cent of victims to pay an amount stipulated by cybercriminals, usually between US$100 and $400. 1

What is ransomware?

In the past, ransom involved a range of practices including violence and kidnapping. However, in today's digital age, criminals are targeting the data stored on your PC in an attempt to elicit money or other valuables.

Ransomware is a form of malicious software that holds your computer or a number of files on your computer hostage. This usually happens when a user clicks on an infected pop-up ad, website or link within an email.

According to Norton, in some scenarios, pornographic ads will show up on your screen every time you try to access a web page. A situation like this could be disastrous if you were at work or your children were using your computer. 1

Furthermore, cybercriminals can also destroy or, even worse, release personal information currently being stored on your computer. One ransomware attack forced a victim to pay a ransom amount or otherwise lose a piece of information every 30 minutes.

To better understand ransomware and avoid becoming a victim, it is important to know its evolutionary history. 

A brief history of ransomware

Ransomware began circulating back in 1989 when a company called PC Cyborg released over a thousand floppy disks that contained an AIDS information questionnaire.

The AIDS Trojan, as it was called, encrypted segments of the topmost directory located within a PC's hard drive. Its creators aimed to extort money from users, but the need to mail physical disks and the basic cryptography of the software limited the overall success of the illegal operation.

The first modern wave of this software began with the development and circulation of Trojan.Gpcoder, which was a Trojan horse that would search for files with various applications and encode them. 

According to Symantec, these previous examples have all led to the two types of ransomware that are in circulation today. 1

The first, and most common, is called crypto ransomware. It aims to encrypt your files and personal data to pressure you into paying the cyberattackers a certain amount. Locker ransomware is the second type in circulation. If it infects your computer, it will shut you out and bar you from re-accessing it.

Today's ransomware is much more sophisticated than its early ancestors. The clearest current example of this cyberthreat is the malware program called CryptoLocker. Its presence online was such a threat to users that back in 2013 the FBI released a warning to the general public. 2

However, there is a series of methods and techniques that you can use to avoid being the victim of a ransomware attack.  

How can I stop my information being held hostage?

The rapid advancement of technology and the considerable time that people spend on the internet have given cybercriminals a much larger array of victims to choose from.

The best way to avoid ransomware is to learn to identify and avoid phishing attacks. 

As email is its main mode of delivery, being able to spot suspect messages can mean the difference between infection and avoidance.

Typically, illicit emails will mirror official documents as closely as they can. However, they are never perfect replications.

Check out the logo and other symbols to make sure they do not differ in some way. If a contact email is provided, check and see if it is hosted by a generic provider such as Gmail or Hotmail - if it is, it may be a fraud. 

If you are in doubt, do not click on any of the links. Instead, contact the company or organisation through a separate email to verify its authenticity. Staying clear of suspect emails is one of the best and most efficient ways to avoid ransomware. 

In this day and age, it is important for individuals to be responsible for their own personal information. Fortunately, there are services available that can help you keep your sensitive data and information out of the hands of cybercriminals. 

Identity Watch's services can keep an eye on your information and alert you if it is being circulated. To do this, Identity Watch will observe and monitor specific online forums where illegally-obtained data is traded and shared. 

If you would like to know more about this service and how it can help protect your interests, talk with Identity Watch today. 

1 Internet Security Threat Report 2014. Symantec. Accessed 12/09/2015

2 Internet Security Threat Report 2014. Symantec. Accessed 12/09/2015