The history of technology is riddled with unintended consequences.
As William Gibson wrote in Burning Chrome, “…the street finds its own uses for things.”
Despite the evolving efforts of governments toregulate cryptocurrencyandmitigate its role in ransomware payments, the attacks keep coming.
Kaseya (2021)
On July 2, 2021, Kaseya announced its systems had beeninfiltrated.
It’s unclear how many individual businesses paid up, but REvil demanded$70 million in bitcoinfrom Kaseya.
Kaseya declined to pay, opting to cooperate with the FBI and the US Cybersecurity and Infrastructure Agency.
On July 21, 2021, Kaseyaobtaineda universal decryptor key and distributed it to organizations impacted by the attack.
The ransomware attack also disrupted the company’s Australia and UK operations.
TheFBI attributedthe hack to REvil, a sophisticated criminal ring well-known in ransomware attacks.
Colonial Pipeline covers over 5,500 miles and transports more than 100 million gallons of fuel daily.
The pipeline operator said it paid the hackers $4.4 million in cryptocurrency.
On June 7, 2021, the DOJ announced it hadrecoveredpart of the ransom.
The attack wascarried outby a group called Phoenix, which used ransomware known as Phoenix Locker.
CNA Financial eventually paid$40 millionin May to get the data back.
The medical research institution had been working on a cure for COVID.
Apparently, Netwalker had researched UCFS, hoping to gain insights into its finances.
Citing the billions of dollars UCFS reports in annual revenue, Netwalker demanded a $3 million ransom payment.
After negotiations,UCSF paidNetwalker the bitcoin equivalent of $1,140,895 to handle the cyberattack.
Travelex took down its website in 30 countries in an attempt to contain the virus.
In the wake of the ransomware attack, Travelex struggled with customer services.
Sodinokibi initially demanded a payment of $6 million (4.6 million).
Though the exact number of WannaCry victims remains unknown,more than 200,000 computersaround the world were infected.
Victims included Spanish telecommunications company Telefonica and thousands of hospitals in the UK.
The attackers initially demanded$300 in bitcointo unlock infected computer systems.
The demand was later increased to $600 in bitcoin.
However, some researchers claim that no one got their data back, even if they met the demands.
WannaCry attackscontinueto this day.
In February 2021, the DOJindictedthree North Korean computer programmers for their alleged role in the WannaCry outbreak.
On February 16, 2016analysis from Check Pointidentified more than 50,000 Locky attacks in one day.
TeslaCrypt initially targeted gamers.
In May 2016, the developers of TeslaCryptreleaseda master decryption key for affected users to unlock their computers.
CryptoWall (2014)
Widespread reports of computer systems infected from the CryptoWall ransomware emerged in 2014.
The attackers demanded payment in the form of prepaid cards or bitcoin.
CryptoWall caused roughly $18 million in damages,according to Help Net Security.
Multiple versions of CryptoWall were released, with each version making the ransomware more difficult to trace and combat.
Discovered early in September 2013, CryptoLocker would cripple more than 250,000 computer systems during the following four months.
Victims were instructed to send payments in cryptocurrency or money cards to regain access.
The ransomware delivered at least$3 millionto its perpetrators.
The DOJ indicted Russian hacker Evgeniy Mikhailovich Bogachev, as the botnet’s ringleader.
Once the virus was on a computer, it counted the times the computer booted up.
Once the computer booted up 90 times,the virushid all directories and encrypted filenames.
The decryption process was relatively simple, however, and security researchers released a free tool to help victims.
