(Disclaimer: La Tonique Media LLC does not represent any political ideology. While we do not espouse any political beliefs, we do seek to provide a balance perspective by incorporating voices from both sides of the political spectrum.)

By Giulia Miraglia

It cannot be denied that ransomware represents a contemporary menace to individuals, organizations and all kinds of government from large nations to local towns. Ransomware cyberattacks are a big  business: the researcher Steve Morgan anticipates that a business is attacked by a cybercriminal every 11 seconds and that damage from these attacks will cost $20 billion by 2021.

Since the birth of the Internet of Things (IoT), progress and ease have been brought into our lives from smart home security systems to shipping containers and logistics tracking. Some benefits are automation, communication and the flow of information with reduced time and effort. However, this introduction of indirect communication between smart devices and individuals has made the IoT vulnerable to several threats, such as cyber scams. One of the major menaces faced are ransomware attacks. 

Ransomware is a combination of ransom–a large amount of money that is demanded in exchange–and ware–the type of malware. The latter, a portmanteau of malicious software, is designed to gain access or to cause damage to computers. Actually, there are several malwares used for profit: spyware (used to steal information), adware (created forced advertising), zombie computers (used to send spam email or child pornography) and ransomware (used to extort money).

Ransomware prevents users from accessing their personal data. In particular, the attacker aims to encrypt the victim's data using an encryption algorithm. To regain access to personal information, users are coerced into paying the ransom demanded. The most used cryptocurrency is Bitcoin (BTC) because it allows the attackers not to expose their identities. It is an extortion racket.

Nowadays, this type of attack is widespread and produces huge consequences, such as the loss of sensitive data, productivity, data destruction and business downtime (the period when machines or equipment are functional and not functional). To deal with the ransomware threat, organizations have to annually revise their cybersecurity goals and enhance resilience and recovery plans. Over the past three decades, the devastating effects of ransomware have constantly grown. Both individuals and organizations have been victims of these attacks and are forced to fulfill cybercriminal demands, some of which can reach up to $1 million.  

There are different vectors the ransomware can take to get access to a computer. The most common example is phishing spam. Using an email as a weapon, the goal is to lead the victim to download and open the link attached, so that the malware can take over the computer. Other, more aggressive ransomware, such as NotPetya, infects computers without this trick.

The history of ransomware started in 1989 with the name of Aids Trojan or PC Cyborg, introduced by a Harvard biologist. At that time, there was no idea of the IoT, and this ransomware was distributed through a floppy disk. In 2005, the malware GPCoder was launched. Due to the fact that the IoT was not mature, extortion was low. This era is known as the “Fake Antivirus” era.

Since 2015, thanks to the widespread use of IoT and the growing use of technology, cybercriminals have found new methods of attack. The most notorious and damaging attacks hit individuals and enterprises. An example has been Mamba, which targeted the public transport system of San Francisco on the 26 and 27 of November 2016. The SF Municipal Railway, aka the Muni, lost the ability to sell tickets because it was attacked by this ransomware.

In 2017, the strong menace NotPetya appeared to become the second global cybersecurity issue. This ransomware attack derives from Petya (2016), but it targeted the whole system of Ukraine. It wiped data from the computers of banks, energy firms, senior government officials and an airport. The CIA has attributed this attack to Russian military hackers.

In the same year, WannaCry, known as WannaCrypt Ransomware, came on stage as a huge incident. What made WannaCry different from the previous ransomware attacks is that it targeted more than 200,000 computers in more than 150 countries. The potential loss estimated was $4 billion.

In 2019, Malwarebytes witnessed an explosion of attacks against the public sector organizations, health sector, production, finance and others. Hackers did not limit their attacks to these environments. New strikes are currently targeting governmental agencies, electronic industries and IoTs.

Until June 2020, the victims of the 11 biggest attacks have spent almost $144.2 million to investigate, rebuild, restore backups and pay the ransom amount required. Five of eleven attacks have targeted municipal institutions and the remaining targets have been legal, manufacturing, financial, IT services or education. Eight of eleven have happened in the United States, one in Denmark and two in England.

The Cybersecurity industry is in crisis right now. Due to the availability of ransomware toolkits and infection vectors, the number of ransomware attacks and digital extortion have grown. 

Phishing attacks have increased by 350 percent during COVID-19 pandemic. Recently, criminals have used personal data and information to assume other identities driving up the frequency of fraud cases. 

At the end of September 2020, it has been reported that combating ransomware attacks has taken on a new urgency ahead of the vote in the United States.  Federal officials fear that hackers could be good enough to create well-timed chaos during election night. Delaying the vote or casting doubt on the ultimate results will likely lead to a high level of turmoil. Less than one month from the elections, federal investigators still do not have a clear idea whether possible ransomware attacks are criminal acts or Trojan horses.

Ransomware is still a top cybersecurity threat. To discourage cybercriminals and protect users from ransomware attacks, everyone should use security software, keep it up to date, update their operating system and other software, refrain from automatically opening email attachments, back up important and sensible data to external hard drives and, finally, not pay the ransom demanded, ever!

Giulia is a political writer for La Tonique. You can follow Giulia on Twitter ⁦@gm_miraglia⁩.