The History of Ransomware
Did you know that the first known ransomware attack took place over 30 years ago, in 1989? A Harvard-taught evolutionary biologist named Joseph Popp, widely recognized as the creator of ransomware, created a malware program and sent it out on floppy disks to over 20,000 individuals on a conference mailing list. While malware already existed, the addition of extortion was new. When inserted, the disk would lock up the computer, and a demand to send $189 to a P.O. Box appeared on the screen.
It is unclear if anyone sent the ransom or not, but the malware itself was apparently simple to work around. “While the conception is ingenious and extremely devious, the actual programming is quite untidy,” Virus Bulletin, a journal for IT professionals, wrote about the program. Still, with over 20,000 disks sent out, some individuals were unable to recover their data. The motives behind the attack remain unclear as the attempt was not financially successful—especially considering the cost of mailing 20,000 floppy disks worldwide.
The Current Landscape
Since this initial incident, cybercriminals have grown more successful in their attempts at digital extortion. For example, in a recent attack, one U.S. insurance company paid out $40 million to gain back access to their networks and data. That is a far cry from the first ransomware demand of $189.
While in its infancy, ransomware was low risk for most computer users and low reward for most cybercriminals, but the threat of ransomware has increased and grown to become highly profitable for criminals. The pandemic further exacerbated the ransomware problem. Acting Deputy Attorney General John Carlin said 2020 was the “worst year” to date for ransomware. Furthermore, considering the vulnerability of the nation’s infrastructure and the potential damage to critical industries–like financial services and healthcare—this growth in ransomware has prompted law enforcement and government officials to prioritize it as a risk. To that end, the U.S. Justice Department has formed a task force to address the problem of ransomware, discover its root causes, and act as a disrupter to cybercriminals and their networks.
Even with the latest emphasis on combatting cybercrime, ransomware will continue to be a severe risk for the unforeseeable future. Mitigate your organization’s risk by partnering with an MSP that offers cybersecurity, regulatory compliance, and backup and disaster recovery expertise. Coretelligent’s white-glove IT service includes solutions that provide the protection your organization needs. CoreArmor is a comprehensive cybersecurity solution that can keep you in compliance with the latest regulatory requirements. CoreBDR is our backup and disaster recovery solution that will help get you up and running should the worst happen.