The idea behind ransomware, a type of malicious software, is simple. It locks and encrypts the data on the victim's computer or device, then demands a ransom and restores access.

Victims often have to make payments to cyber criminals within a certain period of time, or they may become permanently inaccessible. Also, because cyberattacks are often implemented by cyber snows, paying a ransom does not guarantee that access will be restored.

The ransomware holds personal files hostage and protects users from documents, photos, and financial information. Although these files are still on your computer, the malware encrypts your device, making it inaccessible to data stored on your computer or mobile device.

The idea behind managed ransomware services may be simple, but the counterattack may be more complex if you are the victim of a malicious ransomware attack. Also, if the attacker does not provide the decryption key, it may not be possible to regain access to the data or the device.

The Origins of Ransomware

How did the ransomware start? Initially targeting individuals, subsequent ransomware attacks were tailored for larger groups, such as companies, with the goal of generating larger payments. The following are notable dates in the ransomware timeline. It shows the start date, progress and current location of the ransomware.

PC Cyborg was also known as an AIDS Trojan in the late 1980s. This was the first ransomware released by AIDS researcher Joseph Popp. Popp launched the attack by distributing 20,000 floppy disks to other AIDS researchers. These disks contained malware requesting payment and encrypting the C: directory file after 90 restarts.

The threat implemented a weak form of RSA encryption in the victim's personal files until the victim paid a ransom.

This form of ransomware blocked the victim from the desktop and displayed a pornographic image on the screen instead of encrypting the file. To remove the image, the victim had to pay a ransom with a paid SMS.

This so-called law enforcement ransomware blocked victims from their desks, displaying what looked like pages from the FBI and other enforcement agencies. This fake page accused the crime victim and told him to pay a fine with a prepaid card.

2013 CryptoLocker. Ransomware tactics continued to advance, especially until 2013, with this military-grade encryption that uses key storage on remote servers. These attacks penetrated over 250,000 systems and earned $ 3 million before going offline.

Locky 2016. The so-called Locky ransomware was delivered via email using social engineering. When it was first released, potential victims were invited to click on the Microsoft Word attachment, thinking the attachment was an invoice to be paid. However, the attachment contained a malicious macro. The recent Locky ransomware has evolved to use JavaScript files. This is a small file that anti-malware products can easily bypass.

2017 Wanna Cry. These recent attacks are examples of ransomware encryption that can spread anonymously between computers, affecting businesses around the world.

Sodinokibi in 2019. The cybercriminals who created this ransomware used managed service providers (MSPs), such as dental clinics, to infiltrate victims on a large scale.

Ransomware remains a popular attack vector and continues to evolve as new families of ransomware are discovered.