Software that demands money with menaces has hit the big time
Cyber-attacks that threaten to publish a victims data or block access to it unless a ransom is paid have grown internationally since 2012.
Sodinokibi and Travelex
Hackers attacked Travelexs network on New Years Eve, stealing customer data including dates of birth, credit card information, and national insurance numbers. The ransomware gang responsible, Sodinokibi, has demanded 4.6m in return. The currency exchange service has yet to respond; its websites across Europe, Asia, and the US remain down for planned maintenance.
The first significant ransomware attack on a grand scale, CryptoLocker spread via infected email attachments from 2013 to 2014, encrypted private user data and demanded payment in exchange for the decryption key. Infecting more than 500,000 machines, its operators are believed to have extorted around 2.3m.
This targeted computers running the Microsoft Windows operating system in May 2017: within a day, it had infected more than 230,000 machines in more than 150 countries. In the UK, where about a third of NHS hospital trusts were affected, the attack is estimated to have cost the health service 92m.
In 2019, the Baltimore city government found its computer systems hacked by an aggressive ransomware variant known as RobbinHood, with its operators demanding 13 bitcoin (roughly 78,600) in exchange for restored access to information. The attack disrupted property purchases, water bills, and city charges, eventually costing the city 13.8m.
Named after a demon from anime series Death Note, Ryuk made almost 500,000 in two weeks by attacking organisations that worked on tight deadlines. This included the LA Times and a North Carolina water firm. While its source code was derived from a product of the North Korean Lazarus Group, it is thought Ryuks originators are Russian. Jonathan Chan
Read more: https://www.theguardian.com/technology/2020/jan/12/the-five-ransomware-attacks-nhs-travelex