Ransomware attacks have recently garnered noticeable attention in the news cycle however, their roots date back over thirty years.

Lost in the mist, ransomware has grown from a little-known vehicle for cyber extortion to the go-to method of global cyber-attack preferred by national actors and ad hoc cybercriminals alike. How did ransomware evolve to become the definitive cyber menace we know and fear today? In the article below we’ll break down its history, the turning points which elevated the threat, and what has shifted in recent years to enable ransomware to become the scourge of the digital universe.

The origins of ransomware

What could one simple AIDS researcher do to impact the face of global cyber threats? If that person was Dr. Joseph L Popp, the answer might be a lot more than you may have thought.

In 1989, Dr. Popp introduced the world to ransomware. Using his medical credentials as the hook, “Popp mailed every victim an infected floppy disc, labeled as “AIDS Information Introductory Diskette,” using hijacked mail subscriber lists to the World Health Organization AIDS conference and PC Business World magazine in December 1989.”

Courtesy of backupassist.com

Much like the adage goes, there’s no such thing as a free lunch. For the unknowing AIDS researchers on that brisk December day in 1989, they had to find out the hard way.

Utilizing his analytical mindset, Popp masterminded a scheme to distribute the disks to computers in all corners of the globe containing a bland and unassuming survey as well as more malicious installer, which when activated ‘would deliver its payload of encryption malware onto the computer, making it one of the earliest pieces of Trojan malware.’

What was the result? While the cash payout to Popp resulted in mere pittance, the foundation had been laid for a new and massively destructive form of digital extortion to begin its deadly path.

When did Ransomware come into the big leagues?

The elevation of ransomware from passive threat to major global cyber risk is inextricably linked to the massive increase in internet users worldwide and the resulting digital transformation that resulted from this.

While Dr. Popp may have personally sent his malware on floppy disks to a predetermined list of potential victims, modern cybercriminals have leveraged the internet to enable their attacks to have resonated on a scale only felt by military incursions and acts of God.

After many years of slowly building in its devastating capabilities, by the early 2000s ransomware had become a legitimate cyber menace.

It is difficult to point to a specific moment in time where ransomware evolved from a generic cyber threat to the headline-generating and highly costly incarnation we know today. Many experts believe that by the second half of the 2000s the risks of ransomware had become too great to ignore.

In Part II we will breakdown the evolution of malware from 2006 to today, the most significant events and how trends have changed ransomware from a passive threat to generating defining cyber risk.