Annual ransomware-induced costs are projected to exceed $11.5 billion by 2019, according to Veeam. Defined by the Department of Justice as “a new model of cybercrime with a potential to cause impacts on a global scale,” ransomware is a digital form of extortion that executes a one-way encryption operation on a computer that can only be reversed by the attacker.
Ransomware can have devastating impacts on companies, including business downtime and disruption, permanent loss of vital information, damage to systems, and reputational damage.
One of the first notable uses of ransomware took place in 1989, when Dr. Joseph L. Popp sent 20,000 floppy disks to attendees of an AIDS conference organized by the World Health Organization. The diskettes contained a Trojan that encrypted file names and hid directories on victims’ computers. It then prompted victims to connect to their printers, which printed a note demanding that $189 be sent to a P.O. box in Panama in exchange for the decryption key.
In 2006, attackers began using asymmetric RSA encryption to encrypt victims’ files, increasing the effectiveness of ransomware. By 2012, hundreds of thousands of new ransomware variants were being discovered per year. In the years since, ransomware has only increased in its sophistication, effectiveness, and prevalence.
While having and executing proper backup strategies can protect organizations from permanently losing their data, the cost of downtime due to ransomware can cause tens of thousands of dollars in losses per day. In the face of this growing threat, it’s vital that employees receive new-school, interactive awareness training to ensure that ransomware doesn’t get the chance to infect your organization.
The Radware Blog has the story and link to the report: https://blog.radware.com/security/2018/10/origin-of-ransomware/