Ransomware: Same Old Crime, New High Tech Methods

Ransom, as a crime, hasn’t really changed much over the years. The first American ransom note was used in a kidnapping in 1874 in Philly. In broken English, it read in part, “You wil have to pay us [ ] and pay us a big cent to…[I]f you put the cops hunting [ ] you is only defeeting yu own end.” (Source: Smithsonian.com, The Story Behind the First Ransom Note in American History, By Carrie Hagen, December 9, 2013)

hospital ransomware
Hollywood Presbyterian Medical Center paid a ransom of $17,000 to regain access to the hospital’s electronic medical records system and other computer systems after suffering a ransomware attack.

Fast forward 140 years, and we still face this very same crime with very much the same messages. What’s changed, of course, is the delivery method: criminals of all types (former employees, activists, terrorists, etc) can now deliver ransom-laden software, known as “ransomware,” to users’ computers by way of e-mail and websites, all towards taking something hostage (information, systems, networks) with the promise of releasing it only after getting paid.

Ransomware is defined as “a type of malware that prevents or limits users from accessing their system. [It] forces its victims to pay [a] ransom through certain online payment methods in order to grant access to their systems, or to get their data back. ” (Source: TrendMicro). Ransomware has been around a while (the first cases were reported in 2005 – 2006 in Russia); however, the last few years, and 2015 in particular, have witnessed a significant increase in these types of attacks. The first quarter of 2015, by way of example, “…saw a 165 percent increase in new ransomware…” (Source: betanews, “Ransomware sees 165 percent increase in 2015,” by Ian Barker, May 2015).

That growth of ransomware has continued into 2016:

ransomware CIO mag
A new kind of Android malware called Xbot steals online banking credentials and can hold a device’s files hostage in exchange for a ransom.

It’s now clear that ransomware is a serious and growing threat that can cost people and companies dearly (according to a Nov. 2015 report, Crypto Wall 3 ransomware was responsible for approximately $325 mil in damages since its discovery in Jan. 2015). (Source: LavaSoft, Cryptowall Ransomware Costs Users $325 million in 2015,” November 2, 2015). As such, for-profit organizations and non-profits alike will do well to be careful, vigilant and on the lookout for ransomware attacks, and make their employees aware of the same with training and awareness designed to stop these attacks before they begin.

Leave a Reply

Your email address will not be published. Required fields are marked *