Ransomware is big business, whether we’re talking about the hackers who profit millions from attacks or the cybersecurity industry that’s worth billions globally.
An average payout of half a million dollars is pretty steep, but demands of up to $50 million have been made in recent months. The magnitude of the problem is increasing rapidly, both monetarily and in the breadth of the effects of the attacks.
It’s hard to quantify exactly what the worst ransomware attacks have been, so we’re going to explore it from different angles, looking at:
- The most damage caused by ransomware;
- The most wide-ranging attack;
- Which attack got the single biggest payout;
- The biggest global company to be attacked;
- The first ransomware ever to infect a computer.
But let’s kick off with a definition.
What is ransomware?
Ransomware is a particular type of malware that infects a computer or network. The software will encrypt the stored data and cybercriminals will demand money from a victim.
Either a business pays up – more often than not using cryptocurrency – or they lose their data and reputation.
Some ransomware attacks are sophisticated and take months of planning; others take a scattergun approach. Either can be devastating if the right targets are found.
The 5 worst ransomware attacks in history
- The most damaging ransomware attack
In 2021, Russian hackers invaded the network of US oil giant Colonial Pipeline. From one single compromised password, the hackers were able to infiltrate the network and cause the shutdown of the biggest oil pipeline in the USA.
A total of $4.4 million was eventually paid to the hackers, but that pales in comparison to the attack’s economic impact. Oil moving from West to East in the States nearly stopped, the price of gas at the pump increased, and people were queuing to fill up their cars.
The effects were so massive that it was even seen as necessary for President Joe Biden to be briefed about the attack.
- The most wide-ranging ransomware attack
WannaCry was a ransomware attack that started in 2017. Estimates put the number of infected computers at anywhere between 100,000 and 200,000, yet reports at the time put ransoms collected at a mere $50,000.
It was the scale of the attack that makes it one of the worst ever seen. Some of the biggest companies in the world were affected, such as:
And even the British National Health Service had to cancel appointments.
The attack was so far-reaching that Microsoft went as far as releasing a patch for unsupported operating systems.
- The highest ransom ever paid in an attack
Probably the biggest ransom demand made to date was for $50 million by cybergang REvil from the computer manufacturer Acer in 2021.
However, in terms of absolute payouts, JBS Foods has probably handed over the most Bitcoin to hackers at $11 million. The company is the biggest meat processor in the world so it was vital to keep supplies safe.
The attack was also attributed to the Russian-based REvil, the perpetrators of our next record-breaking hack.
- The highest-profile attack
REvil is a well-known cybercriminal syndicate that demands huge deposits of Bitcoin to decrypt valuable company data.
It was very active in 2021 – along with Acer and JBS Foods, it attacked Quanta. This name may not be on the tip of everyone’s tongue, but it’s a company that supplies hardware to Apple.
When Quanta refused to negotiate a $50 million ransom, REvil went direct to one of the biggest tech firms in the world to collect. After leaking blueprints for new products, the public information went cold – it’s possible a deal was done under the cloak of secrecy.
- The original ransomware attack
It may seem like ransomware is a new phenomenon, but it actually dates back to 1989. At a Swedish medical conference, a biologist gave out thousands of infected floppy disks.
Once used in a computer, the virus would count 90 boot sequences, then demand $189 be sent to a PO box in Panama. It’s not recorded how much the scientist responsible made from the scam, but he sure made a huge impact on the world with it.
What have we learned from ransomware attacks?
The business you own or work for may not be on the scale of Colonial Pipeline or have the fame of Apple. However, if you store sensitive customer data, your networks are vulnerable.
Some of the key takeaways from the worst ransomware attacks include:
- Ensuring employee passwords are regularly changed and everyone uses two-factor authentication;
- Keeping your systems up-to-date with software and firmware updates for the latest security patches;
- Securing your network access with a tool like Surfshark VPN to keep entry points to your data safe;
- Making sure everyone in the business is aware of data security procedures and knows where attacks can come from.
Learning these lessons from some of the biggest ransomware attacks in the world should help prevent losses in your business to malicious online gangs.