Ransomware is a kind of malware that is largely spread using phishing emails. Once it has access to a system, it encrypts data so that it is unusable by the owner of said data. A message is then delivered demanding that a ransom is paid for a decryption key. Here are three of the most notorious examples of ransomware.
Wannacry is probably the most infamous and destructive ransomware attackever conducted. One of the things that made this attack so unique and dangerous was its origin. Wannacry was developed by the Lazarus Group – a shadowy hacking network known to have links to the government of the Democratic People’s Republic of Korea. The DPRK, usually referred to a North Korea, is a heavily sanctioned country. This means that it has had to turn to some unorthodox ways of raising cash. Drug dealing, covert arms dealing, and human trafficking are all in the DPRK government playbook. Ransomware proliferation was a way of raising money that must have seemed almost as perfect as simply printing fake dollar bills – something that they had also tried with some success. Wannacry ransomware targeted healthcare providers, banks, and technology companies. The software encrypted huge amounts of sensitive data and eroded public confidence in institutional security. Members of the Lazarus Group have been charged in absentia in courts in the United States, although it is very unlikely that they will ever truly be brought to justice.
While most ransomware only demands a small fee for the decryption of data, Ryuk typically displays a message asking for around 300,000 dollars. Millions of dollars have been lost to this malicious software, which is spread via phishing emails. The attack began in 2019 and largely targeted major American news outlets. Ryuk is not randomly distributed: it is a targeted software aimed at companies that are likely to be able and willing to pay high ransoms. It specifically targets windows operating systems. It is thought to have Russian or North Korean origins, although the creators of this malware have never been positively confirmed. Ryuk is part of a devastating new wave of highly targeted malware attacks. AIDS Trojan is thought to be the first-ever ransomware virus. It was distributed via floppy disk to attendees of a 1989 conference of experts hoping to combat the AIDS epidemic. Created by the Harvard-educated Joseph Popp as an experiment, it is unclear why it was deliberately unleashed on people trying to tackle a major healthcare issue. Popp claimed that he wanted to donate the ransoms to AIDS charities, although this seems like a somewhat weak excuse for targeting the people at the forefront of the battle against the illness. AIDS Trojan did not effectively manage to encrypt data, which led to many people easily retrieving their precious information without sending money to the inbox in Panama that Popp had set up to receive ransoms.
Popp was an evolutionary biologist and may have been trying to experiment with theories of biological dissemination using malware.