This year, Ransomware has become one of the most serious challenges for businesses all around the world. Approximately 37% of organisations across the globe have admitted to becoming victims of Ransomware attacks this year alone.
Ransomware is a type of malware that prevents or restricts users' access to a device by locking the screen or encrypting their files until a ransom is paid. It encrypts particular file types on infected systems and demands that users pay a ransom via certain internet payment channels in order to receive a decryption key.
The very first Ransomware attack targeted the healthcare industry in 1989. So let’s look at the different types of Ransomware, as well as examples of specific strains and their impact on the security landscape.
The 10 Most Dangerous Ransomware Attacks
1. Jigsaw:
Victims of the Jigsaw Ransomware, which infected systems via malicious emails, were confronted by a photo of Billy, the puppet from the Saw film franchise, and a countdown timer. One of the victim’s files was destroyed if the $150 ransom was not paid within an hour. The number of files destroyed increased with each passing hour. Attempting to restart the device resulted in the deletion of up to 1,000 files. Since then, a decryption key has been publicly released.
2. Zcryptor:
Zcryptor was a hybrid computer worm and Ransomware, and one of the first cryptoworms. It copied itself to externally connected devices and networks. Zcryptor keeps files encrypted until the attackers have been paid a ransom of 1.2 bitcoin; the payment is increased to 5 bitcoin after four days.
3. WannaCry Attack:
WannaCry was used against systems in 150 countries during the worldwide cyber-attack in May 2017. In May of this year, it was claimed that the Ransomware had infected nearly 5 million devices. The self-replicating cryptoworm infected high-profile businesses such as the National Health Service of the United Kingdom, FedEx, Honda, and Boeing. WannaCrypt is another name for WannaCry.
WannaCry, also called WannaCryptor and Wanna Decryptor, was spread via the EternalBlue exploit, which was published by the National Security Agency and exploited a vulnerability in older versions of Server Message Block. In March 2017, Microsoft provided a patch, although it was not widely applied. WannaCry spread by self-replicating as a worm. It was termed the largest Ransomware outbreak of 2017.
4. Bad Rabbit:
A Ransomware strain that has infected Russian and Eastern European organisations. Bad Rabbit spreads via a fake Adobe Flash update on compromised websites. When the Ransomware infects a device, it redirects users to a payment website where they must pay 0.05 bitcoin.
5. Spider:
A type of malware that spread across Europe via spam emails. Spider Ransomware is hidden in Microsoft Word documents which, when downloaded, install the malware on the victim’s device. The Word document, which is disguised as a debt collection note, contains malicious macros. When these macros are run, the Ransomware is downloaded and begins encrypting the victim’s data.
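A mail gateway or triage script can flag the delivery method described above before a user opens the file. The following is an added example, not code from the original article: it checks an attachment for an embedded VBA project and for a file extension that hides it. The function names, finding labels and the in-memory sample are constructed for illustration.

```python
import io
import zipfile

OLE2_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls container
MACRO_CT = "application/vnd.ms-word.document.macroEnabled.main+xml"
PLAIN_CT = ("application/vnd.openxmlformats-officedocument."
            "wordprocessingml.document.main+xml")


def inspect_attachment(filename, data):
    """Return a list of macro-related findings for one attachment."""
    if data.startswith(OLE2_MAGIC):
        # Legacy binary format can carry VBA; confirming needs an OLE parser.
        return ["legacy-ole-container"]
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return []
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        names = z.namelist()
        # Macro-enabled OOXML files store their VBA in a vbaProject.bin part.
        if any(n.lower().endswith("vbaproject.bin") for n in names):
            findings.append("vba-project-present")
            # Macro-free extensions should never contain a VBA project.
            if filename.lower().endswith((".docx", ".xlsx", ".pptx")):
                findings.append("extension-hides-macros")
        if "[Content_Types].xml" in names and \
                b"macroEnabled" in z.read("[Content_Types].xml"):
            findings.append("macro-enabled-content-type")
    return findings


def build_sample(with_macro):
    """Build a constructed, minimal OOXML-shaped ZIP (not a real document)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        ct = MACRO_CT if with_macro else PLAIN_CT
        z.writestr("[Content_Types].xml",
                   f'<Types><Override PartName="/word/document.xml" '
                   f'ContentType="{ct}"/></Types>')
        z.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            z.writestr("word/vbaProject.bin", b"\x00placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    print(inspect_attachment("debt_notice.docx", build_sample(True)))
    print(inspect_attachment("meeting_notes.docx", build_sample(False)))
```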
6. Maze Ransomware:
Maze is currently the most well-known Ransomware threat to businesses all around the world. It was originally known as “ChaCha Ransomware” and was discovered on May 29, 2019 by Jerome Segura. In the beginning, this Ransomware hacker group used exploit kits like Fallout and Spelevo to conduct attacks.
This ruthless Ransomware is well-known for its new method of attack, in which it uses a variety of tactics to make crucial information public. The Maze Ransomware encrypts all of your files and demands a ransom to restore them. If the victim does not pay the required ransom, the information will be released on the internet.
The threat, however, isn’t idle; the threat actor actively exposes one of the victim’s files on the internet. Even if the victim files a lawsuit against the Maze, the damage has already been done. Cognizant, Canon, Xerox, and other big businesses have been targeted by the Maze malware.
7. NetWalker Ransomware:
NetWalker, also known as Mailto, is a Ransomware strain that is relatively new. Last year, NetWalker was reported to have attacked a number of remote workers, businesses, government institutions, and healthcare organisations.
The NetWalker Ransomware infects the victim’s network and encrypts any Windows devices linked to it. It uses an embedded configuration that includes ransom notes, file names, and several configuration activities when it is executed.
8. Ryuk Ransomware:
Ryuk was one of the first strains to encrypt network drives, destroy shadow copies, and disable Windows System Restore, making it hard for victims to recover without the use of external backups or rollback technology. Ryuk is spread through phishing emails with malicious Microsoft Office documents attached.
In December 2018, it was used in an attack against Tribune Publishing Company. It was used in many attacks against healthcare organisations in 2019 and 2020. Governments, school systems, and other public and private sector businesses are also targets and victims.
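Because Ryuk destroys shadow copies and disables System Restore before victims notice the encryption, those actions are a useful early detection point. The following is an added example, not code from the original article: it scans process-creation events for recovery-inhibiting commands and raises severity when one host shows more than one kind within a short window. The log layout, host names, rule names and the 10-minute window are assumptions, and the sample events are constructed.

```python
import re
from datetime import datetime, timedelta

# Command-line patterns for recovery inhibition (MITRE ATT&CK T1490).
RULES = {
    "shadow_copy_delete": re.compile(
        r"vssadmin(\.exe)?\s.*delete\s+shadows"
        r"|wmic(\.exe)?\s.*shadowcopy\s.*delete", re.I),
    "system_restore_off": re.compile(r"disable-computerrestore", re.I),
    "boot_recovery_off": re.compile(
        r"bcdedit(\.exe)?\s.*recoveryenabled\s+no", re.I),
}

# Constructed process-creation events in a simplified key=value layout.
SAMPLE_LOG = """\
2024-01-10T09:14:02 host=FS01 user=svc_backup cmd="vssadmin.exe list shadows"
2024-01-10T09:20:41 host=WS17 user=jdoe cmd="vssadmin.exe delete shadows /all /quiet"
2024-01-10T09:21:05 host=WS17 user=jdoe cmd="bcdedit /set {default} recoveryenabled No"
2024-01-10T11:02:30 host=WS22 user=admin cmd="powershell Disable-ComputerRestore -Drive C:"
""".splitlines()

LINE = re.compile(r'^(\S+) host=(\S+) user=(\S+) cmd="(.*)"$')


def triage(lines, window=timedelta(minutes=10)):
    """Return {host: (severity, [rule names])} for hosts with matches."""
    hits = {}
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # skip lines that do not follow the assumed layout
        ts, host, _user, cmd = m.groups()
        for name, rx in RULES.items():
            if rx.search(cmd):
                hits.setdefault(host, []).append(
                    (datetime.fromisoformat(ts), name))
    verdicts = {}
    for host, events in hits.items():
        events.sort()
        # Two different rules close together suggest a scripted sequence.
        high = any(b[1] != a[1] and b[0] - a[0] <= window
                   for i, a in enumerate(events) for b in events[i + 1:])
        verdicts[host] = ("high" if high else "medium",
                          sorted({n for _, n in events}))
    return verdicts


if __name__ == "__main__":
    for host, verdict in triage(SAMPLE_LOG).items():
        print(host, verdict)
```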
9. REvil Ransomware:
REvil is a file-blocking virus and a cyber-threat that encrypts victims’ files and displays a ransom message after infecting the system. The message warns the victim that the demanded ransom must be paid in bitcoin. If the victim does not pay the ransom in a timely manner, the amount demanded is increased.
REvil Ransomware has made headlines in the news several times due to data breaches. It has also been known to target A-list celebrities and release their personal information on the dark web.
10. Tycoon Ransomware:
Tycoon is aimed at educational institutions and software enterprises that use Windows and Linux. It is the first Ransomware strain to exploit the Java image, or JIMAGE, format to generate and install a customised malicious Java Runtime Environment build, according to researchers.
Tycoon bypasses antimalware systems once within a network and can remain undetected for months before encrypting file servers and demanding a ransom. Some, but not all, of the impacted systems have been decrypted using a decryptor key that has been posted online.
Ransomware attacks can be effortlessly prevented if organizations implement cyber security guidelines and practice them regularly, supported by proper cybersecurity education and by processes and systems that work together and are regularly reviewed and updated. Many companies across the world realize the importance of cyber security only after falling victim to cyberattacks. If preventive measures are not taken, this security negligence can cost an organization more than its revenue.