.In the chronicles of history, 1989 was a milestone year. The first digital pay-off scheme, known as a ransomware attack, made its debut.
Oh yeah; the inception of ransomware also coincided with other notable events such as the downfall of the Berlin Wall and the first liver transplant from a living donor.
Ransomware makes its entrance.
As mentioned, the first recorded ransomware attack occurred in 1989 when Harvard-educated biologist and researcher Joseph Popp, Ph.D., sent 20,000 compromised floppy disks to attendees of a World Health Organization AIDS conference. The malware program installed on the floppy disks, eventually known as the AIDS Trojan, would infect computers by encrypting file names and hiding directories. Once triggered, the program would demand $189 sent to an address in Panama.
Today, ransomware is more commonplace than ever before, seizing control of major utilities, shutting down food production, and harming businesses large and small. And, ransomware comes with a lofty price tag, costing impacted organizations upwards of $20 billion a year.
A ransomware attack occurs when an illicit computer program is hidden or embedded in what appears to be an ordinary file contained in an email, or another shared electronic medium. Once opened, the victim’s files are encrypted until a ransom of a pre-determined amount is paid. Otherwise, the perpetrator will deny access.
Combatting a ransomware attack in 3 steps
Fighting ransomware, like any computer virus, comes down to three simple steps:
- Knowing the route of transmission – identify the most common ways ransomware can infect a system. They include phishing and spear phishing emails (essentially fake emails encouraging clicks), SMSphishing (phishing for texts), social media, and instant messaging apps.
- Updating your “digital vaccine” – use the latest anti-virus software and anti-malware products to “catch” the intrusion when it happens.
- Initiating “smart siloing” – segment your data network and reduce network sharing for non-essential computers and PDAs. Only grant the lowest level of data access to allow users to do their work.
What happens if you’ve been attacked?!
Of course, what happens if you’ve already been attacked? In that case, organizations must:
- Train your employees to identify where the data breach took place and isolate it as quickly as possible.
- Uncover the type of ransomware. (Many will self-identify. But, contacting your cybersecurity company, like Sentribit, is an excellent place to start.)
- Report the ransomware attack to the FBI and determine your course of action: pay the ransom, remove the malware, and/or delete your computer.
Ransomware celebrates another birthday.
It’s been 32 years since the first ransomware attack, and it’s unlikely such cybercrimes will end any time soon. However, by following our preventative and post-attack advice, we can lessen the impact of ransomware.
That’s a milestone we can all embrace.
With the help of Sentribit, your business can thwart the efforts of hackers and their ransomware tactics. Our solutions include a comprehensive security awareness training program to help your staff understand what to look for at the point of attack. Or, take advantage of our Essential Cybersecurity Bundle, which includes the tools your company needs to fend off the next ransomware attack.