ELI5: What are Notable Ransomware Examples?
These are the “famous robberies” of the computer world — big attacks like WannaCry and LockBit that hit thousands of computers and made the news. Studying them helps us build better defenses.
Definition
Notable ransomware examples represent landmark attacks that defined the evolution of ransomware as a threat. Understanding these cases helps security professionals recognize attack patterns, understand the real-world impact of ransomware, and appreciate why specific defensive measures are emphasized. Each example introduced new techniques or demonstrated new levels of scale and impact.
Key Details
- WannaCry (2017): Exploited EternalBlue (NSA tool, leaked by Shadow Brokers) targeting SMB vulnerability (MS17-010)—spread globally, hitting NHS (UK healthcare) hard; patching was the key lesson.
- NotPetya (2017): Disguised as ransomware; actually a wiper (no real decryption); spread via compromised M.E.Doc software update (supply chain); caused ~$10B in damages globally.
- LockBit: Modern Ransomware-as-a-Service operation—prolific, highly automated, known for fast encryption speed.
- BlackCat/ALPHV: Written in Rust (unusual), cross-platform (Windows/Linux/VMware ESXi), operated as RaaS with sophisticated affiliate programs.
- Colonial Pipeline (2021): DarkSide ransomware disrupted US East Coast fuel supply—demonstrated critical infrastructure vulnerability.
Connections
- Parent: ransomware — real-world examples of ransomware attacks
- See also: ransomware-as-a-service-raas