4 min read
Aug 09, 2019

Why Wiper Malware Might Foretell the End of Ransomware

Wiper malware doesn't just lock your computer or encrypt your files. Instead—just as its name implies—it permanently wipes your drive making files impossible to recover.

Zach CapersSr Content Analyst

A severe strain of ransomware known as GermanWiper has been spreading a path of digital destruction across German computer networks. Except GermanWiper isn’t exactly ransomware-it’s something much worse.

Recently, the city of Baltimore has been dealing with a severe ransomware attack. And they’re not alone. Ransomware is popping up in municipalities across America and major cities are paying hundreds of thousands of dollars to regain access to crucial data. To review, ransomware attacks encrypt your files demanding a payment in exchange for decryption keys.

But why would big cities pay these kinds of exorbitant sums to internet scammers?

Ransomware is unique within the world of cybercrime in that there’s always been a certain level of trust involved for the scheme to endure. More often than not, when victims pay the ransom, they regain access to their files.

In fact, a Kaspersky study found a remarkable 80% success rate. Last year, Atlanta refused to pay a $52,000 ransom and ended up spending $2.6 million to recover from the attack.

Group 3@1x Created with Sketch.

Wiper malware undermines the ransomware business model

With GermanWiper, the deal is off. That’s because this strain of “ransomware” doesn’t lock your computer or encrypt your files. Instead-just as its name implies-it permanently wipes your drive by overwriting files making them impossible to retrieve.

GermanWiper malware arrives as an email disguised as a job opportunity with an application attached. The attack ensues when the recipient clicks on the attached .LNK file. And despite having no files to offer in return, GermanWiper has the audacity to ask for a ransom.

The wiper malware threat is growing rapidly with IBM’s X-Force Incident Response and Intelligence Services (IRIS) recently reporting that such attacks have shot up by 200% during the first half of 2019. The Department of Homeland Security has also recently issued an alert.

There’s no reason why GermanWiper’s developers can’t, or won’t, adapt their scam to other countries. And there’s no doubt copycats will follow. But the bait-and-switch duplicity of wiper malware masquerading as traditional ransomware will eventually destroy ransomware’s already brittle business model.

Group 3@1x Created with Sketch.

Data backup systems are critical

The only real insurance against wiper malware is a solid data backup system. Worryingly, a recent GetApp survey found that only about two-thirds of those surveyed reported their company uses a data backup system for security.

There’s no reason for that number to be so low. All businesses that connect to the internet and employ humans are vulnerable to wiper malware threats such as GermanWiper.

Sure, I write for GetApp where we strive to be the best software research site on the web. However, I didn’t write this to sell you on a particular piece of software. I wrote this to sell you on the concept of maintaining a data backup system-any data backup system.

Backup options abound including cloud services, automated backup software, network attached storage, and even the backup and restore function included with your operating system.

While Germanwiper’s emergence is as alarming as it is destructive, it might just be the beginning of the end for ransomware. And even if it isn’t, backing up your data will ensure that your business doesn’t get wiped out.

Interested in data backup software?

Visit our directory


The data security survey referenced in this article was conducted by GetApp in June 2019 using Amazon Mechanical Turk among 714 respondents who reported full-time employment in the United States.

Back to top