The rise and risk of ransomware


Cyber-extortion is sophisticated and lucrative. Paul Haskell-Dowland and Andrew Woodward examine its evolution and threat.

Australian organisations are a soft target for ransomware attacks, say experts who this week issued a fresh warning that the government needs to do more to stop agencies and businesses falling prey to cyber-crime.

But in truth, the danger has been growing worldwide for more than three decades.

Despite being a relatively new concept to the public, ransomware has roots in the late 1980s and has evolved significantly over the past decade, reaping billions of dollars in ill-gotten gains.

With names like Bad Rabbit, Chimera and GoldenEye, ransomware has established a mythical quality with an allure of mystery and fascination. Unless, of course, you are the target.

Victims have few options available to them; refusing to pay the ransom depends on having good enough backup practices to recover the corrupted or stolen data.

According to a study by security company Coveware, 51% of businesses surveyed were hit with some type of ransomware in 2020. More concerningly still, typical ransom demands are climbing dramatically, from an average of US$6,000 in 2018, to US$84,000 in 2019, and a staggering US$178,000 in 2020.

A brief history of ransomware

The first known example of ransomware dates back to 1988-89. Joseph Popp, a biologist, distributed floppy disks containing a survey (the “AIDS Information Introductory Diskette”) to determine AIDS infection risks. Some 20,000 of them were reportedly distributed at a World Health Organization conference and via postal mailing lists. Unbeknown to those receiving the disks, it contained a virus of its own. The AIDS Trojan lay dormant on systems before locking users’ files and demanding a “licence fee” to restore access.

The 1989 AIDS Trojan (PC Cyborg) ransom demand.
Joseph L. Popp, AIDS Information Trojan author, Public domain, via Wikimedia Commons

Although…

Source…