Trends

Where ransomware attacks come from: 3 origins worldwide

Headline

Context

Even though ransomware is not a brand-new cybersecurity risk, top governments worldwide are still paying close attention to this danger. The ability of people to purchase groceries, fill up their cars with gas, and receive healthcare has been impacted by ransomware. In recent years, ransomware’s financial effects have also become more noticeable. Attacks against supply chains result in more extensive harm than attacks on a single person. To slow the spread of ransomware attacks, the government and tech companies have also stepped up their response.

Evidence

Pending intelligence enrichment.

Analysis

Ransomware can be traced back to 1989 when the “AIDS virus” was used to extort funds from ransomware recipients. Payments for that attack were mailed to Panama, at which point a decryption key was sent back to the user. In 1996, Columbia University’s Moti Yung and Adam Young introduced ransomware known as “cryptoviral extortion.” This idea, born in academia, illustrated the progression, strength, and creation of modern cryptographic tools. Young and Yung presented the first cryptovirology attack at the 1996 IEEE Security and Privacy Conference. Their virus contained the attacker’s public key and encrypted the victim’s files. The malware then prompted the victim to send asymmetric ciphertext to the attacker to decipher and return the decryption key—for a fee. Also read: How do autonomous vehicles work? Ransomware attacks usually target institutions and organisations that are mission-critical, such as healthcare, finance, manufacturing, and government organisations. In some cases, along with other impacts, ransomware attacks cause higher mortality rates in healthcare institutions. As manufacturing includes various kinds of production, such as metal products, automotive, and industrial equipment, it is also a highly targeted sector by ransomware. Financial institutions are also targeted quite often. In this case, the attackers still intend to steal money and a huge amount of sensitive user data. Until May 2024, according to the statistics from Camparitech , there are a total of 4013 tracks with an average ransom of 408,044$. The following are the top 5 ransomware targets by industry in 2024: Education, construction and property, central and federal government, media, entertainment and leisure, and local and state government.

Key Points

The top 5 ransomware targets by industry in 2024 include education, construction and property, central and federal government, media, entertainment and leisure, and local and state government.
Three origins of new ransomware strains are state-sponsored actors, criminal organisations, and security researchers who don’t always think things through.
Supply chain attacks, triple extortion, and ransomware as a service (RaaS) are the primary trends for ransomware in recent years.