How Ransomware Has Evolved Over the Past Decade
Few cybersecurity threats have evolved as quickly or significantly over the past decade as ransomware. Wade Baker, collegiate associate professor of integrated security in the Department of Business Information Technology, is helping to advance understanding of this menace by conducting sponsored research through his Cyentia Institute think tank.
Ransomware is malware that encrypts data on your computer or network and holds it hostage until the victim pays to regain access. It has evolved from a floppy disk-based attack that hid file directories and demanded USD 189 to unhide them to today’s advanced cybercriminal attacks that exploit sophisticated cryptography.
Increasingly, attackers are going after their victims' most valuable assets, including critical infrastructure. The recent attack on the Colonial Pipeline, for example, highlighted the impact of such an incident on society. The threat also underscores the need for cybersecurity professionals to advocate for stronger industry standards and support cross-sector collaboration.
The first high-profile ransomware to spread across a large network was CryptoLocker, which used an EternalBlue Microsoft Windows vulnerability to infect computers around the world. CryptoLocker and its copycats extorted millions of dollars from victims before being shut down. More recently, ransomware like Locky has targeted users by hiding malicious macros inside email attachments disguised as legitimate invoices.
More recently, attackers have been leveraging ransomware to mine cryptocurrency for their own profit by using your computer’s resources to process transactions on the blockchain. This activity often goes undetected by anti-virus software. In 2021, the ransomware REvil helped popularize RaaS (ransomware as a service) attacks that single out specific, high-value targets and demand substantial ransom payments.