The Most Dangerous Ransomware Viruses

Dangerous ransomware poses a major threat to any business that uses computers or web technologies. 

A ransomware attack holds your computer hostage: the attackers will only give you the key to unlocking it if you give them what they want. Ransomware is extortion on a cyber level, and it’s only getting worse, breaking record after record.

If a company becomes infected with ransomware, they will lose time, productivity, data, and potentially a lot of money.  

The best way to avoid falling victim to a ransomware attack is to make sure that your security is up to par and learn about the most dangerous ransomware viruses out there. 

As bad actors continue to innovate to meet their criminal goals, here are a few that you should be aware of.

Five Dangerous Ransomware Viruses

Cybercrime is a profitable and growing industry. Coders and hackers are always creating new ransomware, but knowing about some of the most dangerous ones in existence can help you prepare for an attack anytime.

Ryuk

This ransomware was first spotted in 2018. It uses manual hacking techniques and open-source tools to gain access and encrypt system data, which it holds for ransom. Its targets include medical facilities, and other key infrastructure like affected oil and gas companies. In 2020, the FBI issued an alert that Ryuk was even targeting K-12 educational institutions. One medical facility was affected so badly that it had to send patients to other hospitals for treatment. It’s even accessed and encrypted data from a U.S. government agency, and will continue to be a serious concern. 

Cerber

Cerber was used in 52.5 million recorded hits in the first half of 2021 and its use is rapidly increasing. This ransomware is effective because rather than targeting computers, it targets servers, making them impossible to gain access to. It was written in many different computer languages, making it hard to crack.

The malware is delivered via infected websites, phishing emails, and even infected ads on legitimate websites. Cerber’s creators use a software-as-a-service to license the ransomware to cybercriminals for a cut of the revenue. Sometimes the ransom increases over time, and the longer the victim waits, the more hackers demand to unlock the system. 

WannaCry

This ransomware attack in 2017 infected over 200,000 computers worldwide. The attackers demanded $300 in Bitcoin per computer before they would turn over the key. WannaCry infected major companies as well as hospitals.

WannaCry gave victims seven days to pay the ransom, at which time their computers would be unlocked. Many companies opted not to pay the ransom, but the attackers still made over $130,000. WannaCry is still very active ransomware, with more than 13,000 attacks in March 2021 alone.

SamSam

SamSam gains access to a victim's network by executing brute-force tactics against weak passwords, including the Remote Desktop Protocol (RDP).  This ransomware silently sits doing reconnaissance, sometimes waiting for a long time before choosing to lock down a system. In the US, hundreds of organizations have been hit, including large municipalities, the San Diego port and at least three hospitals. June 2021 alone saw 15.7 million hits, which was more than two-thirds of what was seen in all of 2020.

Cryptowall 4.0

Cryptowall 4.0 is considered one of the most destructive ransomware viruses. It can infect a computer via spear phishing spam, which is targeted spam that looks like authentic communication with attachments that look like PDF invoices, bills, and other common attachments which are actually malicious ZIP files. CryptoWall 4.0 also exploits vulnerabilities in outdated software or comes from tainted advertisements. 

CryptoWall presents a countdown and if the victim has not paid, their data will be destroyed. Even more violating, it can also use the infected computer to spread CryptoWall further, as part of a network. 

How to Prevent Ransomware

If you’re a business owner or healthcare provider, it’s especially important to have access to your data. Having a disaster recovery and business continuity plan can help manage the aftermath, but of course, it’s better to avoid the issue entirely.

When it comes to ransomware, prevention is the best option, since even paying the ransom may not provide you with access to your data (these are criminals, after all.) 

In addition to practicing good digital hygiene you should also provide training to your employees on how to detect possible malicious emails and attempts to break into your systems. The best thing you can do is have a team of professionals that know how to prevent and counteract instances of dangerous ransomware.

For more information on computer security, explore our many IT solutions to help protect your network.