A Brief Horror History of Malware

04/09/2018 08:56:36
Where Did it Come from and Where is it Going?

Malware development has been simply meteoric since it first appeared in the early 1990s as CP Cyborg, which was spread through surface-mailed floppy disks. Think of this first attack as the equivalent of the movie The Ring. If the characters hadn’t curiously (and rather stupidly) watched the decidedly creepy VHS, no harm would have come to them – but then again, who could have predicted the chilling supernatural results of popping in a VHS tape!?

The Trojan horse-style Archiveus first appeared in the mid-2000s, employing the first encryption methods on record. Victims were required to make purchases from certain websites to decrypt their files – much like the blood sacrifice required in Children of the Corn. Luckily the password protection was cracked in 2006 (mf2lro8sw03ufvnsq034jfowr18f3cszc20vmw) and we no longer need to fear “He Who Walks Behind the Rows.”

We trust police to serve and protect, but around 2010 hackers began taking advantage of anonymous payment services by using email to pose as police and imposing “fines” for illegal activities. It was a somewhat successful scheme, reminiscent of Terminator 2 – the almost too clean-cut cop who everyone trusted until he sent a metal rod through your head.

CryptoLocker heralded a new age of ransomware in 2013, spreading via spam messages and email attachments and demanding payment in exchange for the decryption key. Indiana Jones had the right idea when he told Marion to close her eyes in Raiders of the Lost Ark. Even though CryptoLocker was relatively easily defeated, it opened the floodgates to a wave of variants and CryptoLocker-inspired malware, which can still be seen today in different, more sophisticated forms like CryptoWall.

In 2014-2015, SimpleLocker was anything but simple. Targeting Android mobile devices, it started out by annoyingly blocking access to certain aspects of the UI but eventually became more aggressive, using Trojan download encryption methods which were notoriously difficult to get around. We can’t feel all that bad for victims who were primarily infected while trying to download pornographic material – but as we learned from the movie Scream, sometimes just answering the phone seals your doom.

WannaCry sounds like a horror movie and, like a bad dream, eventually affected more than 250,000 computers in 116 different countries. It was the technological equivalent of A Nightmare on Elm Street – spreading like wildfire worldwide. While Microsoft developed a patch relatively quickly, most people had neglected to install it and suffered attacks from WannaCry and the endless number of variants it spawned – just as we’ve suffered through 9 variants of Freddy and A Nightmare on Elm Street – each variant more annoying and more predictable than the last.

NotPetya came on the scene in 2016 but still wreaks havoc today – just like the skin-crawling film Cabin Fever, where just drinking the water makes you literally fall to pieces. This particular malware really highlighted just how less-than-seriously organizations were taking cyber security, and we’ve seen significantly more focus on the network security industry since NotPetya and WannaCry popped up.

There are so many lessons to be learned from this brief horrific history of ransomware. It spreads quickly. It’s unpredictable. It can happen to anyone. It changes fast. It’s out to get you. Small to mid-sized businesses are in particular danger, with financial losses of over $2,235,000 in 2017 and fileless attacks projected to grow by 35% this year alone. What could we potentially face next year?

About Sangfor
Founded in 2000 and a publicly traded company as of 2018 (SANGFOR STOCK CODE: 300454 (CH)), Sangfor Technologies is the global leading vendor of IT infrastructure solutions specializing in Cloud Computing and Network Security. With most small and medium-sized businesses being devastated and decommissioned after even one successful attack and new attack methods being developed every day, it’s time to take network security as seriously as a heart attack – or a ruthless serial killer. For more information about how Sangfor can guide you toward more serious and comprehensive network security before you are attacked, please visit our website http://www.sangfor.com.
