Introduction to Ransomware

A look at when the first on record “ransomware attack” occured

As technology develops, bad actors will find ways to exploit new technology for fraudulent purposes. In 1834, for example, brothers Francois and Joseph Blanc exploited a vulnerability in France’s government-only semaphore telegraph network in order to gain an advantage in stock market trades. It went undiscovered for two years, and when they were finally caught, the French government was unable to convict the duo because there was no law in the books against the misuse of data networks. This incident is widely considered to be the first cyberattack in history.

Ransomware – An overview

Modern cyberattacks are much more varied, wider-reaching, and damaging than the Blanc brothers’ scheme. One type of cyberattack that is becoming increasingly common is ransomware attacks, with one estimate placing the number of ransomware attacks in 2018 alone at over 200 million. Ransomware attacks can end up costing millions of dollars—a cost that isn’t just measured in ransom paid, but also in downtime, data loss, and lost productivity.

Per the U.S. Cybersecurity and Infrastructure Security Agency, “Ransomware is a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid. Ransomware typically spreads through phishing emails or by unknowingly visiting an infected website.”

Ransomware first started gaining traction in the mid-2000s but it really took off in 2013 with the advent of crypto-ransomware. Older ransomware methods relied on wire transfers and other forms of payment that used regular currency, which made it easier for law enforcement to locate attackers. By contrast, crypto-ransomware uses cryptocurrency such as Bitcoin to facilitate instant payments that are essentially anonymous and untraceable. Large organizations such as cities, hospitals, and companies are now the primary targets of ransomware attacks, whereas in the past individuals were more likely to be targeted.

It’s estimated that in 2019, a security breach will happen every 14 seconds.

Download our Ransomware Preparedness Toolkit to stay ahead of the curve when it comes to protecting your data.

Best practices for ransomware defense

The U.S. Cybersecurity and Infrastructure Security Agency recommends the following:

• Update software and operating systems with the latest patches. Outdated applications and operating systems are the targets of most attacks.
• Train members of your organization on best security practices, including never clicking on links or opening attachments in unsolicited emails.
• Restrict users’ permissions to install and run software applications and apply the principle of “least privilege” to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through a network.
• Use application whitelisting to allow only approved programs to run on a network.
• Enable strong spam filters to prevent phishing emails from reaching the end users and authenticate inbound emails to prevent email spoofing.
• Scan all incoming and outgoing emails to detect threats and filter executable files from reaching end users.
• Configure firewalls to block access to known malicious IP addresses.

Contact us to learn more about how our security solutions can help keep your organization safe and successful.