Skip to content Skip to footer

What Is Ransomware?

What Is Ransomware?

Ransomware is a form of malware. Cybercriminals use ransomware as a tool to steal data and essentially hold it hostage. They only release the data when they receive a ransom payment. Organizations most vulnerable to ransomware attacks hold sensitive data, such as personal information, financial data, and intellectual property.

Ransomware dates back to the 1980s but did not become widespread news until the early 2000s. Today, ransomware attacks are the third-most used cyberattack method, accounting for over 10% of all data breaches. The emergence of cryptocurrency made ransomware even more appealing, as it simplifies the ransom payment.

Technology plays a big role in ransomware, as cybercriminals continually advance their methods to quickly gain access and encrypt data. More companies are digitalizing, partly due to COVID restrictions and precautions. As such, more data is available in remote settings than ever before. 

Ransomware is here to stay, so keep reading to learn how your organization can reduce ransomware risk.  

Ransomware Meaning: The Evolution of Ransomware

Ransomware technology was first developed by a Harvard-trained evolutionary biologist by the name of Joseph L. Popp. He launched the AIDS Trojan by giving diskettes infected with ransomware to attendees of an international AIDS conference held by the World Health Organization in Stockholm, Sweden. The code hid file directories on their computers and demanded $189 be sent to Panama to free up their computers.

Even though the risk of ransomware has come a long way since then, its primary mission remains the same: to extort or scam money from unsuspecting users. It evolved from existing on a diskette to traveling across the internet, through emails, sound, and video downloads—and even inside images. In recent years, it has been a tool for cryptominers, who need computing power to generate cryptocurrencies. Because mining digital assets requires a lot of expensive electricity, ransomware has been developed to force a user’s computer to mine crypto—all for the benefit of a cryptominer hundreds or thousands of miles away.

How Does Ransomware Work?

Firmware updates enable hardware devices to continue operating efficiently and securely. These updates typically involve some form of program alteration that fixes a known bug or patches against specific vulnerabilities. 

How does ransomware work? Regardless of the ransomware definition, once it enters your computer, it secretly infects it. The software then proceeds to attack files and access and alter credentials without the user being able to tell. As a result, the computer infrastructure is effectively held hostage by the person who controls the malware.

File Encryption

Ransomware known as cryptoware encrypts the files of the victim’s work or personal computer. This makes it so the computer’s owner cannot search for or access these files unless they pay a ransom to the attacker. The attacker is the only one who can access the files because they are hidden behind the encryption password. Sometimes, the attacker will lock out the entire computer and then demand a ransom before releasing the new password.

With leakware and doxware, the attacker threatens to publish sensitive information on the victim’s hard drive if they do not pay a ransom. Companies with private proprietary information like patents and sensitive schematics may find themselves a favorite target of leakware and doxware.

Ransom and Demands

Hackers tend to ask for payment settlements using methods such as Western Union or through a text message. This helps them hide their identity. Once they have the money, they decrypt the files and free up the system. Some demand bitcoin ransomware settlements due to their anonymity and a lack of a middleman.

Keep in mind that some attackers masquerade as U.S. law enforcement or government officials. They may say they are shutting down the victim’s computer because pornography or pirated software was found on it. They then demand the victim pay a “fine” before they release their computer.

Leave a comment