First known ransomware attack in 1989 also targeted healthcare

When the recent string of ransomware attacks targeted hospitals, including Hollywood (Calif.) Presbyterian Medical Center and Columbia, Md.-based MedStar Health, it appeared to come full circle to the first-ever known ransomware attack that also targeted the healthcare industry.

In 1989, Joseph Popp, PhD, an AIDS researcher, distributed 20,000 floppy disks to fellow AIDS researchers in 90 countries saying the disks contained a computer-based application that gauges a person's risk of contracting AIDS based on a questionnaire. However, Dr. Popp had infected the disks with malware with what became known as the digital version of the AIDS virus, according to a report from cybersecurity company Palo Alto Networks.

The malware at first lay dormant in the computer. It was activated after the computer was turned on 90 times, displaying a ransom note on the screen demanding between $189 and $378 for a "software lease," according to the report.

While Dr. Popp's ransomware attack now appears rudimentary (retrospective analysis indicates the malware had many flaws), it created the foundation for the more sophisticated attacks that occur today, reports The Atlantic. One such development is CryptoLocker, which is a type of mostly unbreakable cryptoware that uses encryption to render files inaccessible unless a user obtains — i.e. pays ransom for — a specific cryptographic key to be used in conjunction with cryptography to recover access to computer files. "Modern cryptoware attacks can encrypt entire file systems with such sophistication that even the FBI has been repeatedly unable to unscramble the files," according to The Atlantic. "And unlike the tools that could reverse the effects of Popp's 'AIDS virus,' nothing short of the attacker's private key…will save an infected computer or server."

More articles on ransomware:

Clinic patients receive malware-infected emails due to vendor breach 
FBI: Hospitals must take ransomware threat seriously 
Hospitals are under attack: Teach your staff to avoid ransomware 

 

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Top 40 Articles from the Past 6 Months