CSO spotlight: Ransomware

Recent ransomware attacks define the malware's new age

By 2018, the ransomware boom seemed to have peaked. But over the past 24 months, shifts in hacker tactics have resulted in a resurgence of ransomware attacks.

Kaptnali / Getty Images

History of ransomware

Ransomware, a type of malware that holds data for ransom, has been around for years. In 1991, a biologist spread PC Cyborg, the first ransomware, by sending floppy disks via surface mail to other AIDS researchers, for instance. In the mid '00s Archiveus was the first ransomware to use encryption, though it's long ago been defeated and you can find its password on its Wikipedia page. In the early 2010s, a series of "police" ransomware packages appeared, so called because they purported to be warnings from law enforcement about the victims' illicit activities and demanded payment of "fines"; they began to exploit the new generation of anonymous payment services to better harvest payments without getting caught.

In the 2010s, a new ransomware trend emerged: the use of cryptocurrencies as the ransom payment method of choice by cybercriminals. The appeal to the extortionists is obvious, as cryptocurrencies are specifically designed to provide an untraceable, anonymous payment method. Most ransomware gangs demanded payment in bitcoin, the most high-profile cryptocurrency, although some began shifting their demands to other currencies as bitcoin's popularity made its value more volatile.

Attacks shot up in the middle of the 2010s to crisis levels. But by 2018, the ransomware boom seemed to be on its way out, in favor of another illicit way to snag bitcoin that didn't require victims to figure out what a bitcoin wallet was: cryptojacking. Cryptojackers follow the script that spammers and DDoS attackers have been using for years: surreptitiously gaining control of computers without their owners knowing. In the case of cryptojacking, the compromised machines become bitcoin mining rigs, quietly generating cryptocurrency in the background and eating up idle computing cycles while the victim is none the wiser. Ransomware attacks declined over the course of 2018, while cryptojacking attacks shot up by 450 percent.

Ransomware attacks today

To continue reading this article register now

7 hot cybersecurity trends (and 2 going cold)