If you want to scare someone who works in IT, start talking to them about ransomware.
There are few things as scary for IT professionals as the prospect of their systems locking up with hackers demanding money to return things back to normal.
When discussing it, you may notice them breaking into a sweat and starting fidgeting as they contemplate one of the most terrifying cybersecurity threats computers face.
How does ransomware spread?
There are several ways that ransomware can get into computers.
Email is one of the most common ways in. Hackers will send bad files that can trigger a ransomware infection when opened and quickly spread across your network.
Another favorite way to spread ransomware is to send bad URL links that download ransomware when they’re clicked. This ‘drive-by downloading’ can happen without anybody noticing that anything has happened until it’s too late.
These bad files and links are not always easy to spot. Cybercriminals are getting increasingly sophisticated in the ways they try to persuade people to do what they want them to do.
A growing trend is for cybercriminals to pose as trusted people, like a client, a colleague, or a friend. And ask you to do something urgently before you have the time to think things through.
This isn’t a modern crime. Ransomware’s been around for years
Ransomware dates to the late 1980s when payment was often sent by check through the mail!
Now, modern hackers normally demand payment in cryptocurrencies that make them much more difficult to track.
Here is some information on two of the more infamous ransomware attacks.
WannaCry
The WannaCry ransomware attack took over the news when it spread widely in 2017.
More than 200,000 computers in over 100 countries were left useless. The ransomware exposed weaknesses in critical IT systems, like those in hospitals and factories.
One of the worst-hit victims was the National Health Service (NHS) in the UK. Operating theatre equipment, MRI scanners, and other computers essential for hospitals were left useless and patients suffered.
NotPetya
NotPetya is less well-known than WannaCry but the financial costs are estimated to have been far higher.
Mainly spread among businesses due to the early infection of a major financial software vendor, the cost of this ransomware to small businesses and governments is estimated to have been around $10 billion.
This attack impacted computers around the world. But around 80% of the cases are estimated to have been in Ukraine.