Home / Business and Economy / Ransomware: From Stunt to Global Cybercrime Empire
Ransomware: From Stunt to Global Cybercrime Empire
23 Mar
Summary
- Ransomware evolved from a 1989 HIV awareness stunt to a global industry.
- Hackers reap $1bn annually, costing victims an estimated $57bn by 2025.
- Major ransomware brands operate like businesses with HR and branding.
Ransomware, initially a 1989 HIV awareness stunt by Joseph L Popp Jr, has evolved into a vast global criminal enterprise. Popp's primitive "Aids Trojan" aimed to make a point but was perverted into a lucrative industry. Modern ransomware attacks encrypt data and extort payment, often with the added threat of selling stolen information on the dark web, a tactic known as "double extortion".
This criminal sector, though financially inefficient for attackers relative to victim costs, has become highly organized. Experts estimate hackers reap around $1bn annually, while victims incur costs around $57bn by 2025. The rapid development of untraceable communications, decentralized currency like bitcoin, and asymmetric encryption by 2013 created the perfect conditions for large-scale, profitable ransomware campaigns.
Major ransomware operations now function like legitimate businesses, complete with branding, salaried employees, and human resources departments to manage their "criminal HR." However, job security is precarious, with operations frequently shutting down and rebranding due to law enforcement pressure or internal conflicts. Notable attacks, like the one that crippled Costa Rica's economy in 2022, highlight the devastating impact.
Globally, Russia and North Korea are identified as significant sources of ransomware activity. The WannaCry virus in 2017 and Russia's NotPetya malware prompted Western governments to recognize ransomware as a national security threat. Looking ahead, AI-enabled cyberwarfare presents a nightmarish scenario, with potential for catastrophic disruption and data deletion on an unprecedented scale.
