Roger A. Grimes

Ransomware Protection Playbook



      I've been doing computer security since 1987, for more than 34 years now. I remember the first ransomware program I, or anyone else alive at the time, saw. It arrived in December 1989 on a 5-1/4″ floppy disk and quickly became known as the AIDS PC Cyborg Trojan.

      We didn't call it ransomware then. You don't make up entirely new classification names until you get more than one of something, and at the time it was the first and only. It remained that way for years. Little did we know that it would be the beginning of a gigantic digital crime industry and a huge blight of digital evil across the world in the decades ahead.

      It was fairly simple as compared to today's ransomware programs, but it still had enough code to thoroughly obfuscate data, and its creator had enough moxie to ask for $189 ransom in order to restore the data. The story of the first ransomware program and its creator still seems too strange and unlikely even today. If someone tried to duplicate the truth in a Hollywood hacker movie, you wouldn't believe it. Today's ransomware creators and gangs are far more believable.

      Back in the late 1980s, AIDS research and understanding was fairly new and very rudimentary. There was still a widespread fear of the relatively new disease and how it was transmitted. Unlike with today's treatments and antivirals, early on, getting HIV/AIDS was a death sentence. At the time, many people were afraid of kissing or even hugging people who might have AIDS or were in high-risk groups. There was great interest in the latest information and learnings, inside and outside of the medical community.

      No one besides Dr. Popp knows why he decided to write the world's first ransomware program. Some have speculated he was disgruntled at not getting a much-desired job in the AIDS research industry and wanted to strike back, but it can just as easily be stated that he just wanted to make sure he got paid for his work. Still, there are definite signs of hiding and malevolent intent from a man who knew his creation would not be taken well. It's hard to say you didn't know something was illegal when you try to hide your involvement.

      Dr. Popp purchased a mailing list of attendees from a recently held October 1988 AIDS conference in Stockholm put on by the World Health Organization and purportedly also used the subscriber lists of a UK computer magazine called PC Business World and other business magazines.