Ransomware is an industry worth millions of dollars, and as each year passes, hackers are making the business of infecting companies worth even more. Leading cyber research firm, Cybersecurity Ventures, predicted that by the end of 2017, ransomware would become a $5 billion dollar industry. As we take a look back at the worst ransomware attacks of 2017, we’ll see why and how cyber criminals are making this possible. What made the list? Read on.
In May of 2017, the ransomware WannaCry hit the world hard—spreading across 150 countries from Russia to China to the UK and the United States. The ransomware spread everywhere and affected over 300,000 computers worldwide. By utilizing and exploiting a Microsoft Windows vulnerability, hackers delivered the ransomware to users in the form of phishing emails. Once the files were activated, computers and their data were automatically encrypted and held hostage until the ransomware was paid via bitcoin. Users who failed to pay by the deadline had their data stolen and wiped.
The ransomware attack was short lived, but affected a huge number of users and industries from law enforcement to hospitals to transportation to banking and many more. In only a six week period, the attacks raked in over $130,000 USD and it was estimated that in total, the ransomware cost millions in damages from loss of work productivity, data exposure, and security issues. Although WannaCry made our top list for worst ransomware attacks of 2017, it is categorized as one of the worst ransomware attacks in all history.
NotPetya made headlines in June 2017 as it sent waves across Europe. Utilizing the same vulnerability in Microsoft Windows that the WannaCry ransomware used, the newest strand of the Petya ransomware family infected major business organizations in the Ukraine. Unlike how WannaCry operated, where users needed to download an infected email attachment, the NotPetya ransomware spread from computer to computer on its own without user action. Hackers infected servers on an accounting software which almost every company in the Ukraine used, and from there, the virus spread like wildfire, affecting industries from government to law to banks to hospitals and more. And, just like WannaCry, users’ computers were encrypted and payment was demanded.
The ransomware spread from the Ukraine to other areas such as France, Germany, Italy, the UK, the United States, and Russia. The total cost in damages incurred over $300 million and caused major issues throughout the Ukraine. Many analysts believe that the attacks were not intended to exert money, but rather severely cripple IT systems. Maersk, a global shipping company, had their global network system compromised, and they were forced to shut down at over 76 ports globally. The CEO of the company, Soren Skou, said, “Business volumes were negatively affected for a couple of weeks in July and as a consequence, our Q3 results will be impacted. We expect that the cyber-attack will impact results negatively by $200-$300 million.” That alone was enough to land NotPetya on our list of worst ransomware attacks of 2017.
The Locky ransomware has a had a turbulent past in trying to infect users. Appearing all through 2016, Locky came back in mid-summer of 2017 with a vengeance. In August, Locky ransomware introduced two new strands of the virus. zDNet reported that in a 24 hour timespan, the spam campaign sent over 23 million emails to users in the United States containing the Locky ransomware. It fast became one of the largest spam campaigns of 2017.
The malware was hidden in a ZIP file of an attachment on the email, and once clicked, users’ computers became infected, encrypted, and locked down. In order to get their data back, users were prompted to pay $2,300. The ransomware affected users in over 28 different countries.
The list for the worst ransomware attacks of 2017 could go on and on, so we’re mentioning a few more that made a big financial splash in 2017: Cerber, Jaff, CyrptoMix, CrySis, and Nemucod. Unfortunately, there is a lot more where that came from, so for 2018, cybersecurity and ransomware protection is something your company should absolutely be investing in.
zbrella Technology Consulting firm is an IT Helpdesk and Cybersecurity Solutions firm specializing in ransomware and malware defense for business in the New York and Miami area. Contact us today for a Cybersecurity evaluation and explore how we can raise your cybersecurity defense. Call us at 718-355-9155.