Ransomware attacks affect thousands of users globally. In some cases, even after victims think the ransomware is contained, it can continue to cause issues. Anti-malware programs catch many older versions, but hackers continually develop new types to avoid detection.
For instance, in 2018 and 2019, Ryuk ransomware disabled Windows System Restore functionality. Users were then unable to recover from a previous restore point in the operating system. Because it targeted businesses, Ryuk demanded hundreds of thousands of dollars in ransom.
CryptoLocker, WannaCry, and Petya were all different forms of ransomware that caused global infrastructure shutdowns, affecting even banks and government agencies. WannaCry, in particular, targeted Windows machines and used an exploit developed by the United States National Security Agency (NSA) to scan open network drives and encrypt vulnerable files.
Ransomware threats that persist include Gandcrab, SamSam, Zeppelin, and REvil. While these variants are newer, they still persist as dangerous malware with the ability to destroy corporate systems.