Evolution and Impact of Data Kidnapping Schemes
Ransomware, malicious software that encrypts a victim's files and demands a ransom for their decryption, has evolved significantly since its inception in 1989. The AIDS Trojan, the first known ransomware, targeted Microsoft DOS systems and demanded a $189 ransom[1][4].
Over the years, ransomware has become more sophisticated: the spread of the internet enabled wide distribution, and attackers adopted strong encryption such as RSA. The 2016 WannaCry ransomware attack, for instance, infected over 200,000 computers in 150 countries, with victims including the UK National Health Service[1][6].
The history of ransomware can be divided into several key stages:
- 1989–2000s (Early Era): Local disk-based ransomware demanding small ransoms; primitive encryption or simple lock screens.
- 2006–2010: Use of asymmetric RSA encryption, spread via email attachments; criminals monetized ransomware more effectively[1].
- 2010s–2018: Growth in ransomware variants targeting individuals and small businesses; increased sophistication but still relatively small-scale.
- 2018–2021 (“Big Game Hunting”): Large-scale targeted attacks on enterprises and organizations; significant ransomware variants like REvil caused widespread disruption (e.g., Colonial Pipeline in 2021)[3][4].
- 2021 onward (Double Extortion): Attackers combine file encryption with data exfiltration, threatening to leak the stolen data unless the ransom is paid[3].
Notable ransomware incidents highlight the scale and impact:
- The Colonial Pipeline (2021) and JBS USA (2021) attacks disrupted critical infrastructure and involved multi-million-dollar ransoms[4].
- The Costa Rican government declared a national emergency following attacks in 2022[4].
- Ingram Micro (July 2025) suffered a global operational shutdown, showing that even large IT distributors remain vulnerable[5].
To protect against ransomware attacks, it is crucial to take several steps:
- Regularly back up important files offline and test restore procedures, so data can be recovered without paying a ransom.
- Train employees to recognize phishing and suspicious email, since these remain a common way for ransomware to be delivered and installed.
- Deploy strong endpoint protection (antivirus and anti-malware) on all systems.
- Segment the network to limit how far ransomware can spread once inside.
- Patch software vulnerabilities promptly.
- Maintain an incident response plan so the organization can react quickly to an attack.
- Collaborate with cybersecurity firms and law enforcement when attacks occur[5].
It is also important to be cautious when opening email attachments or clicking on links from unknown sources. With ransomware having evolved into a highly profitable and destructive form of cybercrime, a multi-layered approach combining technology, user awareness, and strong operational policies is necessary for prevention[1][3][4][5].
References:
[1] McAfee Labs Threats Report: June 2020. (2020). McAfee. https://www.mcafee.com/enterprise/en-us/threat-intelligence/threat-reports.html
[2] The Evolution of Ransomware. (2021). Malwarebytes. https://blog.malwarebytes.com/ransomware/2021/05/the-evolution-of-ransomware/
[3] Ransomware: Threats, Trends, and Best Practices. (2021). Cybersecurity & Infrastructure Security Agency. https://www.cisa.gov/ransomware
[4] The History of Ransomware: From the AIDS Trojan to WannaCry. (2019). NortonLifeLock. https://us.norton.com/ransomware-history
[5] Ransomware: What It Is and How to Protect Yourself. (2021). Federal Trade Commission. https://www.consumer.ftc.gov/articles/0497-ransomware
- Reference entries trace the evolution of ransomware, a type of malicious software that encrypts data and demands a ransom for decryption, from its roots in the AIDS Trojan of 1989 through its later advancement via internet distribution and encryption methods like RSA.
- Social engineering tactics such as phishing continue to be used by ransomware criminals to spread their encryption-based threats, underscoring the importance of user training and awareness.
- Despite the growing sophistication of defenses, recent incidents, like the Colonial Pipeline attack in 2021, have demonstrated that IT and cloud infrastructures across many industries remain vulnerable to these schemes.
- Technological advances have led to trends like double extortion, in which attackers threaten to leak stolen data unless a ransom is paid, making effective cybersecurity practices, including incident response planning and collaboration with cybersecurity firms, crucial components of the defense against ransomware.