Cb Connect 2018 | Power of You | Register Now


Ransomware on the Rise: A Brief History and Timeline

Ransomware on the Rise
September 14, 2016 / Ben Johnson

Ransomware isn’t new. In fact, it’s 30-years-old. What IS new is ransomware’s sudden rise as a favored attack by cyber criminals. Cyber crime has become a lucrative business and, unfortunately, ransomware has become an integral attack method that many organizations are fighting a losing battle against.

Today’s businesses are routinely choosing to pay hefty ransoms rather than lose access to their intellectual property, patient records, credit card information and other valuable business data. Simply put, targeted businesses are paying ransoms in order to avoid significant disruptions to every-day operations.

Ransomware’s rise in popularity parallels the development of fileless attack methods that traditional antivirus (AV) simply cannot stop. Cyber criminals are quick learners and eager to make fast money. Whether extorting $300 per user from a small business or $30 million from a multinational enterprise, the level of effort is often similar.

Ransomware Timeline

These types of attacks date back to 1989 and have been the most pervasive cyber threat since 2005, with a dramatic spike in recent years. The resulting costs to targeted businesses are soaring. In the U.S. alone, victims lost $209 million due to ransomware in the first three months of 2016, compared with $24 million in all of 2015, according to the FBI.

(Click on the image below to expand.)

Ransomware Attack Development Timeline


Two distinct varieties of ransomware have remained consistent in recent years: Crypto- and Locker-based. Crypto-ransomware variants encrypt files and folders, hard drives, etc. Locker-ransomware – most often seen with Android based ransomware – only locks users out of their devices.

New-age ransomware involves a combination of advanced distribution efforts, such as pre-built infrastructures used to easily and widely distribute new strains, as well as sophisticated development techniques, such as using crypters to ensure reverse-engineering. This combination requires advanced skills on the part of the attacker. But because the ROI is high, attackers are continually investing in these advanced forms of ransomware.

Offline encryption methods are also becoming popular. These attacks exploit legitimate system features, such as Microsoft’s CryptoAPI, eliminating the need for Command and Control (C2) communications.


›› Ransomware is on track to be a $1 billion crime in 2016

›› 25+ variants of ransomware families have been identified

›› 4,000+ ransomware attacks happened daily since January 1, 2016

›› Phishing is the most popular ransomware attack vector

›› The top-5 variants in the U.S. are: CryptoWall, CTB-Locker, TeslaCrypt, MSIL/Samas, Locky



Looking for more info on ransomware? Click here to download the free eBook.

Join our webinar! “Decoding #Ransomware: How to Reduce Your Risk of Attack” WED. at 1PM ow.ly/yC5j303Wi7U

TAGS: Carbon Black / ransomware / what is ransomware