The Evolution of Ransomware

Ransomware is on the rise and more common than ever. Hackers are finding more complex solutions to gain

Ransomware is on the rise and more common than ever. Hackers are finding more complex solutions to gain unauthorized access to a PC which means we need to step up the mark to make sure we have the best protection possible.

What is ransomware?

For those who don’t quite understand the purpose of ransomware, a cyber criminal will find a way to access a PC through the back end of the operating system and can lock down a PC and hold all data and files for ransom. As an IT professional, we highly recommend that you do not pay the ransom as there is a good chance you may not recover your data after paying the hacker.

Our blog will focus on the evolution of ransomware and where it came from.

First attack

The first ever attack was in 1989 by a man named Joseph Popp, an AIDS researcher. He launched an attack on more than 90 countries by distributing 20,000 floppy disks that showed a users chance of acquiring AIDS through a simple questionnaire. It is better known as AIDS Trojan as the disks also contained malware which demanded a payment of the users for software lease.

However the modern day ransomware came about in 2005 which was the Trojan.Gpcoder.

The Evolution of ransomware

Ransomware attacks have increased by 43% between 2015 and 2016 and it is only set to increase as software and operating systems are becoming easier for the hacker to get in to.

Technological developments

More technology is becoming accessible compared to what there was available in the 1980s. It is possible for criminals to hack phone systems, the internet, servers, PCs etc. This is one reason why ransomware is significantly increasing and more businesses are becoming victim to the attacks.

Back then you couldn’t install ransomware on a mobile device as there was virtually no operating system, just a battery for the device. This era, we have Android, iOS etc. which gives the cyber criminals an extra opportunity and another platform to attempt to gain access to.

Fake application software

In 2005, applications posed as fake spyware removal tools which fooled users to download and authorize the ransomware on their PC. The malware corrupted files and was requested that they pay between £21 and £63 for the license. As it was disguised as malware, the application did not do the job intended. This type of ransomware was targetted mainly at Mac OS X and Windows computers and unfortunately those who used these PCs will of more than likely have been a victim in this attack.

Fake Anti-virus programs

Between 2008 and 2009, cyber crime switched from fake apps to fake anti-virus programs. As the application scam will have become increasingly popular and more recognizable, cyber criminals came across a more aggressive category.

Once the ‘scan’ started to take place on your PC it would flag up a large quantity of viruses and threats in which you would then command the anti-virus program to patch and eliminate. In this case, a user would be asked to pay around £28 – £70 for the issue to be fixed properly. One failure for the cyber criminals is that some users ignored the messages which resulted in profit loss for them.

Locker-ransomware migration

From 2011 to 2012, cyber criminals migrated again from the fake anti-virus scheme to locking and taking control of PCs. This became more disruptive and a more direct approach to getting the ransom they demand. Any person would pay the fine if they had no access to their files right? In fact, that is wrong as you are advised to NOT pay the fine.

The ransom would be between £100 and £150 to gain access back to their data which would be payable through electronic cash vouchers. This type of ransomware has been around since 2008 but did not come in to full effect until 2011 and 12.

Moving from locker to crypto ransomware

To the present day from 2013, crypto ransomware is all about the intentions and demands of the criminal and what they want to achieve. They will hold data and be

prepared to return it for the ransom they demand from the users. Up to a single computer can demand ransom of up to £250 and the ransomware has a much more aggressive demand from the user.



Help is on the way…

If you would like to know what you can do to enhance your data protection against ransomware attacks, fill in your details below and a member of the team will contact you to discuss your concerns further.

Leave a Comment