The havoc wreaked by the recent Colonial Pipeline ransomware attack—which caused a gas shortage in the southeastern United States and cost the company a reported $850,000 to resolve—highlights the immense risk ransomware poses to companies and national security.
The threat of ransomware is nothing new
The Colonial Pipeline is just the latest target in a long history of high-profile ransomware attacks:
- In 1989, the first reported case of ransomware was motivated either by a desire to increase AIDS awareness or by revenge over not receiving a job offer, depending on whose story you believe. The PC Cyborg Trojan, or AIDS Trojan, was created by Dr. Joseph Popp and spread via floppy disk to 20,000 AIDS researchers around the world. The floppy disk contained a survey and AIDS educational resources—and the malware. Once the disk was inserted into a computer, the computer’s 90th subsequent reboot produced a demand that $189 be sent to a Panamanian post office box.
- In the early 2010s, as use of inexpensive internet-enabled devices became ubiquitous, the creators of the FBI MoneyPak ransomware, aka Reveton, extorted an estimated $915,000 from unwitting users before they were arrested. FBI MoneyPak/Reveton spread through ads (often placed on adult websites) that contained malicious code. An infected device would freeze and display a message stating the federal government had seized control of it due to alleged illicit online activities. Payment was demanded through MoneyPak.
- During fall 2013 and most of 2014, approximately 500,000 devices fell prey to CryptoLocker, which, like the AIDS Trojan and Reveton, exploited social engineering. The malware arrived via an email attachment that appeared to be a PDF about something semi-urgent (a delivery, a customer service complaint, etc.), but was actually an executable program. The program encrypted files and demanded $300 in Bitcoin for their release, a scheme that raised about $3 million for the Russian hackers behind the attack prior to their apprehension.
The moral of the story: Ransomware isn’t going anywhere—and it will continue to prey on users’ sense of responsibility and fear of embarrassment. The best defense is a combination of regular security updates, file backups, and cybersecurity training so users are constantly on the alert for shady attachments and links.