Ransomware is a specific type of malware that holds data hostage in exchange for a ransom. It threatens to publish, block, or corrupt data—or prevent a user from accessing their computer unless they meet the attacker’s demands. The number of ransomware detections skyrocketed 820% in 2019, and they’re predicted to cost organizations around the globe $20 billion by 2021.
The Evolution of Ransomware
Ransomware was first developed by a Harvard-trained evolutionary biologist by the name of Joseph L. Popp. He launched the AIDS Trojan by giving diskettes infected with ransomware to attendees of an international AIDS conference held by the World Health Organization in Stockholm, Sweden. The code hid file directories on their computers and demanded $189 be sent to Panama to free up their computers.
Even though ransomware has come a long way since then, its primary mission remains the same: to extort or scam money from unsuspecting users. It evolved from existing on a diskette to traveling across the internet, through emails, sound, and video downloads—and even inside images. In recent years, it has been a tool for cryptominers, who need computing power to generate cryptocurrencies. Because mining digital assets requires a lot of expensive electricity, ransomware has been developed to force a user’s computer to mine crypto—all for the benefit of a cryptominer hundreds or thousands of miles away.
Ransomware is often sent through phishing emails. These malicious attachments infect the user’s computer after being opened. Some, such as CryptoLocker, act as a Trojan horse, infecting your computer and then looking for files to encrypt. Ransomware can also be spread through drive-by downloading, which is when a user visits a website that happens to be infected. The malware on that site is then downloaded and installed without the user even knowing about it.
Social engineering plays a big role as well. This is when people try to manipulate others into divulging personal or confidential information. One common social engineering tactic is using emails or texts to scare the target into sharing sensitive information, open a malicious file, or click on a malicious link.
Malspam is short for “malware spam,” and it is email that delivers malware to the target’s inbox. The attachments or URLs (web addresses) in the email may contain or link to malware, or they may have phishing messages inside it.
Malvertising involves the distribution of graphic or text ads infected with malware. They often cannot be distinguished from normal ads and can appear alongside regular, harmless advertisements.