Top 10 Ransomware Attacks of 2017
We’re revealing the top 10 nastiest ransomware attacks from the past year. NotPetya came in on our list as the most destructive ransomware attack of 2017, followed closely by WannaCry and Locky in the number two and three spots, respectively. NotPetya took number one because of its intent to damage a country’s infrastructure. Unlike most ransomware attacks, NotPetya’s code wasn’t designed to extort money from its victims, but to destroy everything in its path.
While NotPetya and WannaCry were first uncovered in 2017, the other ransomware attacks on our top 10 list made their debuts last year. These attacks either continued into 2017 or returned with a vengeance.
This top 10 list underscores the reality of our increasingly connected world—cybercriminals will continue to develop new infections and will capitalize on reliable, successful attack methods.
NOT PETYA - DESCRIPTION
Starting as a fake Ukrainian tax software update, this ransomware is a variant of an older attack dubbed Petya, except this version uses the same exploit behind WannaCry. Once the software update was applied to devices, hackers used the exploits to spread laterally through networks like a worm. The code used to build NotPetya was not designed to extort money from its victims, but rather to destroy everything it its path. Inception: June 2017; Attack vector: Supply Chain ME.doc and Eternal Blue & Eternal Romance Exploit
The ransom originally asked for about $300 in bitcoin, but the system that collected money from victims for decryption keys quickly disintegrated. NotPetya was designed to do as much damage to the Ukrainian infrastructure as possible. Not only did it shut down Ukrainian power plants, banking services, and supermarkets, but NotPetya also infected hundreds of thousands of computers in over 100 countries. Additionally, the ransomware shut down Maersk, the largest shipping container vessel in the world, along with FedEx (causing a reported $300 million in damage). Destruction Zone: 100+ countries