The first ransomware attack in history is a strange story. It was attempted by a man named Joseph Popp, a Harvard-educated evolutionary biologist who did AIDS research. Although his exact motivations were unclear, he went to the trouble of sending 20,000 floppy disks to people that attended an AIDS conference run by the World Health Organization. The disks had a note on them claiming that they had research information but instead locked the person’s computer and demanded the person send $189 to an obscure address in the country of Panama in order to gain access back to their device. Although this was a bizarre attempt that ultimately got Popp thrown in jail, the method has survived into much more organized, sophisticated, and devastating ransomware attacks.
Simply put, a ransomware attack locks and encrypts a victim’s computer preventing them from accessing certain files, and then demands that the victim pays a ransom in order to regain access. In other words, it is a cyberattack that holds a user’s precious files hostage. In order to pressure the victim into paying the ransom, the ransomware attack will often give the victim a set amount of time to pay or risk losing the data forever. Even if the ransom is paid, there is still no guarantee that the hostage files will be restored.
There are many kinds of ransomware attacks. One common type is called Crypto Malware which targets files, folders, and hard drives. Another kind is Lockers, which locks the user out of their device. Scareware is a type that acts as an anti-virus cleaning tool. It will claim that there is malicious content on the victim’s computer and then demand a payment to remove it. It will often lock the computer or flood the device with annoying pop-up messages. Doxware is another kind that threatens to publish a victim’s information online if they do not pay the ransom. Some of the most common targets of ransomware are groups that do not have high IT security, such as universities. Universities tend to have a lot of files in their systems, making them ripe targets of ransomware. Big organizations, such as banks, medical facilities, and government agencies that have the ability to pay a ransom quickly are also common targets.
In response to the ransomware attacks on the Colonial Pipeline and JBS earlier this year, the Biden administration has set up a ransomware task force to combat future attacks and is offering a 10-million-dollar reward to anyone who has information about ransomware gangs. The Russian organization REvil which was responsible for the May ransomware attack on the Colonial Pipeline seems to have disappeared from the Dark Web and it may be that the United States or even Russia (under United States pressure) secretly took them down.
While political action is being taken, there are other things that individuals can do to protect themselves and their companies from ransomware attacks. It is imperative for users to back up all their files. Users can also install ransomware protection and be careful not to click on sketchy links. However, if one does get hit by a ransomware attack there is also a proper way to respond. Of course, if one has their computer backed up, there may be no need to give in to the attacker’s demands. It is almost never a good idea to pay the ransom, especially because, as stated above, the stolen files may not be given back. A victim of a ransomware attack can also try using decryption tools to restore their files or try resetting their computer to their factory settings. A lot of the victims of the first ransomware attack by Joseph Popp simply used decryption tools to restore their files and ended up not losing their information. The story provides a still-relevant lesson in finding simple solutions to solve problems rather than making a decision based on panic and impulse. If you need a great backup solution, Iler Networking offers multiple options that can be tailored to your needs. For more information, call us at 440-322-4537.
