Ransomware Challenges Posed by Cyber Criminals

Ransomware dates back to 1989 with the AIDS Trojan, which would modify the autoexec.bat file and once a computer booted 90 times the malware would begin to hide directories and encrypt the names of all files. It would then prompt the user to renew their license and contact PC Cyborg Corporation for $189.00 payment. This had to be sent to a P.O. Box in Panama (Smith, 2002). Today the number of unique new samples of ransomware malware is almost 250,000 in the first three months of 2013. This has doubled from the first quarter of 2012. Even more troubling is the reported number of infections. The visibility on infection data is limited because client machines share detection only with McAfee. There are two main reasons for the increased popularity of Ransomware: (1) Cybercriminals have easy access to anonymous payment systems, such as bitcoin; (2) There is a thriving underground market that helps with pay-per-install services on pre-infected computers, such as Citadel. Cyber criminals can also easily purchase ransomware kits, such as Lyposit, from the underground markets (McAfee Labs, 2013a, p. 12).