12 Cyber Threats of Christmas – Ransomware

In our 12 threats of Christmas feature, we want to look at cyber threats and issues that can impact organisations.

Some may be known to you, whilst others, may seem a little more out of the box.

On the third day of Christmas, our cyber threat is:


This month marks the 30th anniversary of the very first ransomware attack. Notably, very little has changed with the way cyber criminals use this tactic, moving away from floppy disks to pieces of software.

Ransomware is a type of malicious software, designed to deny access to a computer system until a ransom is paid. It is often spread through phishing emails and can be particularly devastating to a business of any size.

The first attack is said to have targeted the healthcare industry, when a gentleman named Joseph Popp, PHD, who was an AIDS researcher, distributed 20,000 floppy disks to researchers over more than 90 countries.

He claimed that the disks contained a programme that analysed an individual’s risk of acquiring AIDS by getting them to fill out a questionnaire.

However, inside the floppy disk was also a piece of malware, which after being activated over 90 times, sent a ransom message to the user. This ransomware attack became known as the AIDS Trojan or the PC Cyborg.

Eddy Willems, who worked for a Belgian Insurance firm in 1989, received one of Joseph Popp’s floppy disks, and completed the questionnaire. Unfortunately, Mr Willems discovered that his computer had locked itself down a couple of days later, demanding he sent $189 to a PO Box in Panama.

Nowadays, hackers can infiltrate a company’s IT system and be in there for weeks having a good scout around before deploying the piece of software locking down your cyber systems.

Ransomware is one of the three biggest threats that can impact firms, and the ease in which people pay up to ‘free’ their files, suggest that criminals won’t ease this 30-year-old tactic into retirement just yet.

What can I do to protect my organisation from a ransomware attack?

Here are some steps you can take to prevent your organisation from falling foul of a ransomware attack:

  • Encourage your employees to change their passwords regularly – this prevents hackers from gaining remote access to your systems
  • Store and dispose of data securely – you never know if or when important documents or old storage devices could fall into the wrong hands
  • Staff training – this could be on spotting the signs of phishing emails, but also enabling employees to take part in social engineering training which would allow you to test your resilience against a cyber attack
  • Ensure your anti-virus software is up-to-date, and ensure your software regularly scans your systems to check for any viruses

If your organisation receives a suspicious looking email or a pop up appears on your screen holding your files to ransom, take a moment and breathe. Don’t panic, and take a few minutes to take stock of the situation.

Chat to your IT team, local police force or Action Fraud who will be able to offer you advice.

Don’t bow down to the peer pressure from the cyber criminals who just see ransomware as an easy way to make money.

Take a look at our Ransomware Video for more information.

Missed Day 2 which focused on Watering Hole Attack? Fear not, you can read it here.