Whether local business, large corporation, or an entire city, the risk of ransomware attacks is increasing. In a ransomware attack, computer systems or networks are held hostage if a payment is not made. In 2020 alone, roughly $350 million was paid in ransomware attacks in the U.S. But, what is the history of ransomware, and how can we combat it?
The first known ransomware was distributed around 1989. This ransomware was called “AIDS” and was contained on floppy disks. Once the ransomware was deployed, victims were forced to mail payments to a P.O. Box in Panama in order to regain control of their computers.
Since the 80’s, there has been a significant growth in ransomware attacks.
According to Professor Damon McCoy of New York University’s Tandon School of Engineering and cybercrime expert, this growth has been fueled by the success of these attacks. Early attackers took some of their profits and worked to improve and commodify infrastructure to make ransomware increasingly successful. This creates a “vicious cycle” of increasingly effective attacks.
The Justice Department reports that 75% of ransomware attacks target small businesses. Most target software that is not up-to-date. Additionally, a high percentage of ransomware attacks feature law-enforcement impersonation. Rather than mailing checks to Panama, modern ransomware payments are frequently made using cryptocurrencies like Bitcoin, which are less regulated. In fact, in June 2021, the department seized $2.3 million in Bitcoin from the ransomware group DarkSide which is suspected to be involved with the Colonial Pipeline attack.
So, how can ransomware attacks be addressed? The easiest way to respond to ransomware attacks is to proactively prevent them from occurring. While the cybersecurity standard is to address ransomware and other attacks once they cause a breach, AppGuard is different. With AppGuard, ransomware is unable to attack because it PREVENTS endpoint and server breaches entirely. LinkGuard prevents lateral movement within the enterprise to ensure critical infrastructure is not impacted with network isolation and containment. So, rather than continuing with business as usual and hoping for the best, organizations are assured they are protected from disaster ever occurring in the first place.