Chapter 1: The History of Human-Operated Ransomware Attacks
Just like COVID-19, human-operated ransomware attacks became the second pandemic in 2020. Unfortunately, this trend keeps evolving nowadays. Despite the fact some threat actors announce their retirement, their places in the cybercrime business are quickly occupied by the younger generation.
Such attacks are discussed a lot nowadays; however, they emerged even before well-known ransomware outbreaks, such as WannaCry and NotPetya. Unlike those uncontrolled ransomware outbreaks, this time it's under the full control of various ransomware operators and their affiliates. Careful reconnaissance of compromised infrastructure, preparing it for final ransomware deployment, can potentially bring them millions of dollars in cryptocurrency.
Of course, there are multiple notable examples of ransomware strains used in human-operated attacks. In this chapter, we'll focus on the most important examples from a historic point of view, finishing on what's most common for today's threat landscape – ransomware-as-a-service programs.
We'll look at the following examples:
- 2016 – SamSam ransomware
- 2017 – BitPaymer ransomware
- 2018 – Ryuk ransomware
- 2019-present – ransomware-as-a-service programs