At its rudimentary stage, online extortion was all about bluff and did not use cryptography at all. It hinged upon screen lockers stating that the FBI caught users violating copyright or distributing NSFW content. Victims were instructed to pay a fine via a prepaid service such as MoneyPak or Ukash.
Things have changed dramatically over time. Ransomware operators rethought the range of their intended victims, switching to the enterprise as juicier prey than individuals. In recent years, they also added a data leak strategy and DDoS threats to their genre. As a result, online extortion has matured into one of today’s most detrimental cybersecurity perils.
Ransomware went pro in 2013
The first mainstream file-encrypting ransom Trojan called CryptoLocker made its debut in September 2013. It used an asymmetric 2048-bit RSA cipher