One of the ways the Wannacry ransomware attacks were tackled reminded me of a 1996 movie, Mars Attacks!, that I watched a few years ago. It was your basic science fiction movie about an alien invasion from Mars.
All strategies for defeating the aliens, including a nuclear strike, were unsuccessful. The solution turned out to be something as innocuous as a song I had never heard from an equally unpopular artist.
The heads of the Martians exploded anytime that music was played. At the end, I wondered if the movie was just a gimmick to promote a song that I, and I’m sure most people, have never heard of.
The Wannacry malware was stopped in its first week not by some sophisticated programming by security experts, but by something as simple as registering a domain name. Something anybody can do.
So simple it was ludicrous
It is a safe bet that security researchers worked around the clock to find ways to stop the Wannacry bug.
One of them goes by the name of MalwareTech. While analyzing the bug, he discovered that it always tried to contact a website before attacking the host computer or network.
The website's domain, though, was not registered. So MalwareTech bought and registered the domain name and launched the site. That was it. Registering the website and launching it stopped the bug from spreading.
But MalwareTech only registered that website to further study how Wannacry worked, hoping that it would aid him in finding a solution. He never knew the solution was that simple. The law of unintended consequences working in our favor for once.
A brief history of ransomware
Before the Wannacry ransomware attacks, most of the world never bothered about the problem. Ransomware was relegated to a sub-heading under computer viruses.
However, the menace of ransomware has been with us since before the internet. The first notorious case was known as PC Cyborg or the AIDS Trojan, created in 1989 by a mentally unstable but brilliant Harvard biologist known as Joseph L. Popp.
He used an infected diskette labeled ‘Information about AIDS’ to spread the malware. He distributed about 20,000 diskettes to participants attending a WHO-organised International AIDS conference.
The malware infected their computers and after several reboots of the computer, it was able to seize files and folders and encrypt them. Owners of the infected laptops were asked to pay about $20 to get their files back.
Joseph Popp was eventually arrested but couldn’t stand trial because of his mental state.
The advent of the Internet presented hackers with a massive opportunity to repeat Popp’s method on a larger scale. By 2006, the criminals had developed better encryption methods to create malware.
Ransomware really became an epidemic in 2011, when about 60,000 were discovered. But these were mostly small-scale attacks that could easily be solved without paying ransom to anybody.
2016: the year of ransomware
A recent report about the rise of ransomware attacks showed that 2016 stood apart as the year of ransomware attacks. The combined total of all ransomware attacks since the inception of these attacks was not up to the number of attacks last year.
For instance, in 2014, there were a reported 3.2 million ransomware attacks. The number of attacks grew just marginally by 19% to about 3.8 million attacks in 2015.
2016, though, saw an astronomical rise in the number of attacks: 638 million attacks were reported, a 167% rise compared to the 2015 figures.
Behind these attacks are the huge sums of money paid out by individuals and companies to get their files back. According to the report, in the first quarter of 2016, over $200 million was paid out in ransoms.
The figures, though, don’t tell the full story of these attacks. The fact is, not everybody who has fallen victim to ransomware attacks reports them. They just pay up quietly.
After all, in most cases, the money demanded is not too much. Take the case of the Wannacry malware where the creators demanded just $30 from victims to unlock their computers.
What makes it lucrative is the number of victims multiplied by that small amount. Most times it is a huge payday for the attackers.
In some cases, companies or very rich people cough up millions to prevent very sensitive information from getting out to the public.
Protecting yourself against ransomware attacks
Because there are so many types of ransomware, there is no ‘one size fits all’ solution to the problem. Currently, there are about 17 different types of ransomware.
Each type is differentiated from the others by its method of propagation and how it attacks computers. And since new ones keep coming up, security experts have to constantly find new solutions to a new set of problems.
For instance, if everybody using older versions of the Windows operating system had applied the patch sent out by Microsoft to fix the vulnerability the Wannacry bug exploited, the world would not have been fixated on the malware for two weeks.
The lesson from that is clear: always update the software on your system, because most updates are all about fixing bugs and patching vulnerabilities. You might not notice any difference, but it all works in the back-end to defend you against these attacks.
Opening suspicious emails or clicking on attachments in emails is another way to introduce these bugs into your system.
Known as phishing, these emails or links on websites are just a cloak to mask the bugs used in the ransomware attacks. Obviously, the simple advice here is to stop clicking on any link you are not familiar with or accepting dubious-looking emails.
But even following these measures religiously is not a full guarantee that you won’t be a victim someday. The hackers keep coming up with new variants of the bugs and new methods of propagating the malware.
Carrying out these measures, though, would at least reduce the frequency of attacks and render you less susceptible to them.
Let’s leave the last word to Microsoft and their writeup in a blog post following the Wannacry attacks and how the world can be made a safer place:
‘We should take from this recent attack a renewed determination for more urgent collective action. We need the tech sector, customers, and governments to work together to protect against cybersecurity attacks.
‘More action is needed, and it’s needed now. In this sense, the WannaCrypt attack is a wake-up call for all of us. We recognize our responsibility to help answer this call, and Microsoft is committed to doing its part.’