The five: ransomware attacks

Cyber-attacks that threaten to publish a victim’s data or block access to it unless a ransom is paid have grown internationally since 2012.

Sodinokibi and Travelex

Hackers attacked Travelex’s network on New Year’s Eve, stealing customer data including dates of birth, credit card information, and national insurance numbers. The ransomware gang responsible, Sodinokibi, has demanded £4.6m in return. The currency exchange service has yet to respond; its websites across Europe, Asia, and the US remain down for “planned maintenance”.


The first significant ransomware attack on a grand scale, CryptoLocker spread via infected email attachments from 2013 to 2014, encrypted private user data and demanded payment in exchange for the decryption key. Infecting more than 500,000 machines, its operators are believed to have extorted around £2.3m.


This targeted computers running the Microsoft Windows operating system in May 2017: within a day, it had infected more than 230,000 machines in more than 150 countries. In the UK, where about a third of NHS hospital trusts were affected, the attack is estimated to have cost the health service £92m.


In 2019, the Baltimore city government found its computer systems hacked by an aggressive ransomware variant known as RobbinHood, with its operators demanding 13 bitcoin (roughly £78,600) in exchange for restored access to information. The attack disrupted property purchases, water bills, and city charges, eventually costing the city £13.8m.


Named after a demon from anime series Death Note, Ryuk made almost £500,000 in two weeks by attacking organisations that worked on tight deadlines. This included the LA Times and a North Carolina water firm. While its source code was derived from a product of the North Korean Lazarus Group, it is thought Ryuk’s originators are Russian. Jonathan Chan

Post syndicated via RSS from the Guardian.

More people in Canada, like you, are reading and supporting The Guardian’s independent, investigative journalism than ever before. And unlike many new organisations, we have chosen an approach that allows us to keep our journalism accessible to all, regardless of where they live or what they can afford. But we need your ongoing support to keep working as we do. The Guardian will engage with the most critical issues of our time – from the escalating climate catastrophe to widespread inequality to the influence of big tech on our lives. At a time when factual information is a necessity, we believe that each of us, around the world, deserves access to accurate reporting with integrity at its heart. Our editorial independence means we set our own agenda and voice our own opinions. Guardian journalism is free from commercial and political bias and not influenced by billionaire owners or shareholders. This means we can give a voice to those less heard, explore where others turn away, and rigorously challenge those in power. We need your support to keep delivering quality journalism, to maintain our openness and to protect our precious independence. Every reader contribution, big or small, is so valuable. Please support The Guardian for as little as CA$1 – and it only takes a minute. Thank you.