2017 has been the year of ransomware. While the file-encrypting malware has existed in one form or another for almost three decades, over the last few months it’s developed from a cybersecurity concern to a public menace. The term even made it into the dictionary in September.
In particular, 2017 had its own summer of ransomware: while incidents throughout 2016 showed the potential damage — both operational and financial — ransomware can cause to organisations, it was in the space of six weeks during May and June this year that the impact of ransomware really became apparent.
First WannaCry hit hundreds of thousands of systems around the globe, thanks to worm-like capabilities of a leaked NSA exploit being attached to the ransomware. The UK’s National Health Service was particularly badly hit and thousands of appointments were cancelled.
Weeks later came another global ransomware epidemic in the form of Petya, equipped with similar worm-like features, plus the ability to irrecoverably wipe data from infected machines.
If making money from ransom was the end goal, neither campaign was successful. Those behind WannaCry — intelligence agencies suspect North Korea — eventually cashed out $140,000 from the Bitcoin wallets associated with the attack, something of a paltry sum considering the scale and impact of the campaign.
But what both WannaCry and Petya outbreaks managed to do was make it clear just how much of a problem ransomware has become. And it hasn’t gone away again either with the recent Bad Rabbit ransomware attacks in Russia and Ukraine showing that malware writers are still working on new versions.
Read more…
Source: ZDNet