Past, Present, and the Future of Ransomware

7 May 2021

What is Ransomware?

Ransomware can be defined as a combination of two words ransom and malware, where payment is made using money demanded by kidnappers for the release of captives, and malware is malicious code used for damaging or disrupting the victim’s computer system. So, Ransomware is a type of malware that is used for hijacking victim’s network, or data and ransom is demanded to return the access to the victim.

Ransomware’s past

Ransomware has been around for years. In 1989, the first ransomware Cyborg was spread by sending floppy disks to AIDS researchers. In the mid of the year 2000, Archiveus was the first Ransomware to use encryption, though it is now not so harmful, and you can find how to remove it on Wikipedia. In early 2010, a series of “police” ransomware came out. They were named so because they portrayed themself as warnings from police and demanded “fines.”

In the 2010s, bitcoin or cryptocurrencies came into existence. They were now the ransom payment method of choice by cybercriminals. This was because the cryptocurrencies were mostly untraceable. Most ransomware payments were in bitcoin because it was the most high-profile cryptocurrency.

Attacks went up drastically in the middle of the 2010s. But by 2018, the ransomware boom shot down by a large number, in favor of another crime that is cryptojacking. Cryptojackers( the hackers who did cryptojacking) took advantage of the scripts that spammers and DDoS attackers used for years: secretly gaining control of computers without their owners knowing. The compromised machines become bitcoin mining platforms, and they generated cryptocurrency in the background. Ransomware attacks declined from 2010 to 2018, while crypto attacks went up by 450%.

The Evolution of Ransomware

In the Beginning: The first documented ransomware attack was perpetrated by an evolutionary biologist named Joseph L. Popp in December 1989.

Popp sent out 20,000 disks infected with the “AIDS Trojan” also known as the “PC Cyborg” to attendees of the international AIDS conference held by the World Health Organization. The disks carried the label “AIDS Information – Introductory Diskettes.” Under the guise of being a questionnaire for users to determine their risk of contracting AIDS.

Once loaded onto a computer, the virus, in turn, hid file directories, locked file names, and informed victims that they could only restore access to their files by sending $189 to a P.O. Box located in Panama.

Evolution of Ransomware

Ransomware comes of age: Headlines today are filled with news of the latest ransomware attacks. Companies and Individuals still continue to fall victim to this age-old crime -- and it's far from a new phenomenon.

How confident are you in warding off threats? Reach out and let's help you provide defense-in-depth to mitigate risk.


In 2019, it was predicted by experts that one business would be affected by Ransomware every 14 seconds, and by 2021 it will be reduced to 11 seconds.

Cybersecurity insurance is now considered very important for big enterprises and for sectors like financial services, where the data possessed by the companies is very fragile.This process of getting insurance can even help businesses to identify bugs or vulnerabilities in their current cybersecurity system.

The volume of ransomware and malware attacks have gotten smaller as we see the recent trends.What is on the rise is the more targeted ransomware attacks, which cost businesses more.Intelligent collaboration between the public and private sector, law enforcement agencies, is also so important.

A report from the UK’s National Cyber Security Centre (NCSC) and the National Crime Agency (NCA), warns of developing threats such as ransomware-as-a-service and mobile Ransomware.To minimize these risks, we have got to monitor cybersecurity systems’ behavior over time.

5G technology is also going to cause a big headache for businesses because the attack surfaces are going to expand. The 5g devices themselves will have a lot of vulnerabilities.As these attacks have become more targeted, information sharing between organizations and automation and machine learning is very crucial to spot an attack before it happens and react appropriately to protect your business.

Cybercriminals may even rather they will find a better alternative to generate income. What they will focus on is not sure, but surely they will find another option to prove themselves.

Why you need our services

SafeAeon’s 24×7 Security Teams work around the clock to monitor, detect, and respond to cyberattacks before they have the chance to impact your business.

24x7 eyes-on-screen Monitoring

Our 24×7 SOC-as-a-Service ensures security is monitored around the clock by actual humans.

Protect your organization

SafeAeon’s 24×7 Security Teams work around the clock to monitor, detect, and respond to cyberattacks before they have the chance to impact your business.

Vendor Agnostic Approach

Fully Customized to your unique requirements. Our vendor agnostic team supports all the industry leading security solutions

Managed Risk & Compliance

Compliance with standards like PCI, HIPAA, SOX, GLBA, FFIEC, NERC CIP, CMMC and FISMA

Ready to take control of your Security?

We are here to help

Reach out to schedule a demo with our team and learn how SafeAeon SOC-as-a-Service can benefit your organization