Ransomware is one of the most keenly recognised threats in the cyber security landscape.
Figures from SonicWall suggest there were 638 million related attacks in 2016, a 167-fold increase on the 3.8 million seen in the previous year which was only mildly up from 3.2 million in 2014.
But while it is getting a lot of attention following the WannaCry and NotPetya incidents of 2017, ransomware itself is far from a new threat.
In 1989, a physical worldwide mailing of 20,000 floppy disks claimed to contain a database about the AIDS virus. It was not called ransomware at the time, but the principle was very much the same.
Ironically, it is not only the threat that is old – so too are the three basic safeguards that can help defend against ransomware attacks.
Just like learning the ABC is fundamental to learning the alphabet, these measures – Anti-malware, Back-up and Critical patching – ought to be fundamental to cyber security.
The aforementioned AIDS Trojan took place in a pre-web age, where financial transactions operated in the real world and trying to monetise such attacks was almost impossible.
By contrast, today’s environment offers plenty of scope for people to launch attacks, collect the money and get away with it.
Therefore, it is unsurprising that the scale of ransomware today far surpasses earlier attempts to extort money using computers.
The re-emergence of ransomware began in the mid-2000s and the Government’s Cyber Security Breaches Survey 2017 indicated that 17 per cent of respondent organisations had experienced ransomware in the prior 12 months, making it the fourth most frequently encountered type of identified breach.
Of course, the reason that ransomware has grown is because it has proven effective and victims are often willing to pay in the hope of getting their data back. Unfortunately, whether they actually get it is sometimes another matter.
Perhaps unsurprisingly, the standard advice is not to pay anyway, because it serves to reward the attackers and encourages the growth of the problem.
That was evidenced, for example, by the case of Kansas Heart Hospital, which paid up only to find the cyber-criminals returning with a further demand.
However, attackers can be virtually assured that some proportion of victims will pay and even a small percentage will be enough for the economics to work in their favour.