Where Does Ransomware Come from?September 18, 2020 | By Comodo
Wondering where ransomware comes from is akin to asking the origin of computer malware. Virtually all computer programs are developed with codes based on several programming languages.
Where does ransomware come from? As you have read above, ransomware is a malicious computer program like other malware you may know. Ransomware developers are cybercriminals whose primary intention is to attack computer users, encrypt their data and request a ransom.
Ransomware began in 1989. The first attack was best known as the AIDS Trojan. This is because the attack targeted attendees of an AIDS seminar organized by the World Health Organization (WHO). The creator of the ransomware, who was also an AIDS researcher tricked the attendees into believing the diskettes he distributed contained information about AIDS. But the original content was malicious codes that ceased the attendees’ files. This attack was neutralized, and the ransom avoided, but it sets the pace for today’s rampant ransomware attacks. Of course, the methods of spreading ransomware follow the same pattern of tricking users into thinking the content contains useful information.
What About Ransomware Today?
Since the pace was set, ransomware attacks have continued to flourish, ripping businesses, individuals and government agencies millions of dollars.
The attacks gained more momentum in the mid-2000s and have been targeting healthcare providers, schools, and other data-driven organizations. For instance, the Baltimore City government was hit by a ransomware attack in 2019, which cost them $18 million to recover their systems. Not to mention that the attack lingered for one month and activities were stalled throughout the attack.
It was also reported that a popular oil and gas company in the United States suffered a harsh ransomware attack that ceased all their essential documents. It took them some time after paying the ransom to recover their data.
There are similar cases of ransomware attacks around the world, threatening not just the industries mentioned above, but everyone. Ransomware attacks have no defined target. Once the attackers notice you have important files that drive your day-to-day business operations, you’re automatically added to their watch list. There are cases where the criminals may leave the malware on your computer for several months to get the best information for possible attacks.
What does this imply? No one is immune to ransomware attacks, and the best thing is to prevent the attacks. How? Before we look into the preventive measures, let’s consider how the ransomware is spread across computers.
How Ransomware Spreads
Ransomware criminals deploy various methods in spreading the malware before eventually launching attacks. We’ll consider some basic ways below. Keep in mind that all methods are directly and indirectly linked to phishing. If you can detect phishing emails, ads, software, social media content, etc., you’re a step ahead in preventing ransomware attacks.
That said, here are the basic ransomware spreading methods:
You probably know that there are a lot of email scams going on. If you don’t find them in your spam folders, you may have heard of people complaining of receiving several spam emails. Most of them contain attachments with malicious codes, asking you to open it for whatsoever. This is a phishing method intended to send malicious codes to your computer once you open the attachment. This method is widely used by ransomware criminals.
If you have a network of computers, the malware can spread to other computers from one computer it infected. You want to be careful with opening attachments from unknown senders. You’re more vulnerable to ransomware attacks if you have several employees, especially if they work from home. But you can prevent this by training your employees on basic cybersecurity rules.
Cracked software is known to house malicious computer programs. Installing such software opens your computer to malware attacks. Also, pirated software does not receive updates from the developers, making it vulnerable to cyber-attacks. You should avoid downloading software from untrusted websites.
Other methods of spreading ransomware attacks include content from social media, websites pop up, suspicious sites, etc. However, the methods revolve around phishing, so you can detect an attack quickly if you’re conscious of phishing scams.
Preventing Ransomware Attacks
From the above, you already know ransomware can be prevented through avoiding phishing content and avoiding cracked software. But is that all you need to protect against ransomware attacks? Of course no! While you may be careful with malicious content, you do buy software from a compromised vendor, which could get your system infected. Yes, software vendors are not left; they are targets of ransomware attacks too.
Here are other ways to prevent ransomware attacks:
- Install active antivirus/anti-malware software.
- Keep all your applications updated.
- Use advanced security systems.
Antiviruses/anti-malware programs can help block ransomware malware from entering your computer. And in cases where the criminals deploy a more sophisticated method of spreading the malware like going fileless, advanced security systems can help you detect and block the malware.
More so, data backup can help protect your data when the odds are against you!