Cybertech Europe 2026-IT Industry Official Media Partner
Subscribe

Stay up to date with the most important news

By pressing the Subscribe button, you confirm that you have read and agree to our privacy policy and terms of use
Contact us

The History of Ransomware – 35 Years of Misery

Henrik Bergqvist, Cybersecurity Expert Cisco Sweden Henrik Bergqvist, Cybersecurity Expert Cisco Sweden
Henrik Bergqvist, Cybersecurity Expert Cisco Sweden

Cisco Talos, Cisco's threat intelligence and research division, explores the costly backstory of ransomware in a new essay on the past, present, and future, beginning years before the internet became available to the general public.

In December 1989, a person mailed letters containing floppy disks to 20,000 recipients, and just like many of today's cyberattacks, the lure was linked to one of the big news events of the time – the floppy disks were said to contain new software that could determine whether the user was at risk of developing AIDS.

But the program instead locked the user's computer and generated a message asking them to send the ransom via check to a post office box in Panama.

  • Maciek Szczesniak featured on IT-Branschen Wire Channel Magic Chats podcast banner
    Maciek Szczesniak appears on IT-Branschen Wire Channel Magic Chats, discussing leadership, innovation, digital transformation, and business services.
    SPONSORED

  • Cybertech Europe 2026 cybersecurity conference in Rome with the IT industry as Official Media Partner
    Cybertech Europe 2026 is one of Europe's leading cybersecurity conferences, bringing together cybersecurity leaders, government officials, technology innovators, startups, investors, and enterprise decision-makers in Rome. The IT industry serves as an Official Media Partner, providing event coverage, executive interviews, industry insights, and cybersecurity news for Nordic and European audiences.
    ADVERTISEMENT

  • The IT industry Nordic technology media platform covering cybersecurity, cloud, AI, digital transformation, channel, MSP and enterprise IT news
    The IT industry is a leading Nordic technology media platform covering cybersecurity news, artificial intelligence, cloud computing, enterprise IT, digital transformation, managed services, channel partners, software development, telecommunications, data centers, IT infrastructure, technology leadership, business innovation, and emerging technologies. Through executive interviews, industry analysis, event coverage, thought leadership, product launches, vendor updates, and market insights, the IT industry connects technology decision-makers, CIOs, CISOs, CTOs, IT managers, MSPs, resellers, distributors, technology vendors, startups, and enterprise organizations across Sweden, Norway, Denmark, Finland, and Europe. Coverage includes cybersecurity trends, AI adoption, cloud strategy, enterprise software, networking, digital infrastructure, sustainability, compliance, governance, risk management, automation, data analytics, and future technology developments.
    OWN CONTENT

  • VORTIQ-X AI Governance helps companies transform AI into controllable and verifiable business value.
    VORTIQ-X is an AI Governance platform that helps organizations govern, verify, and create measurable business value from AI. The platform focuses on transparency, compliance, AI governance, and the effective use of AI in mission-critical processes.
    ADVERTISEMENT

How much money”The AIDS Trojan"Drawn in" does not tell the story, but the author was identified and arrested, and spent a number of years in prison. Today he is deceased. But in the decades that have passed since then, the legacy of his work has cost enormous sums.

In 2023 alone, criminal groups and individuals were reported to have collected more than ten billion kronor in ransoms using ransomware, according to a report from the law firm Fisher Phillips. And the costs to the businesses affected are far greater than that.

"Ransomware is not just a financial crime and the costs are much greater than the ransom. The costs to an affected business, both in lost revenue and in restoring the damage, can be enormous, and of course there is also the risk that the business will lose trust with customers or the public, and this is damage that may be impossible to repair. For private individuals who are affected, it often means stress and anxiety, and in many cases invaluable private data and memories are lost," says Henrik Bergqvist, cybersecurity expert at Cisco Sweden.

Large-scale disruptions

From targeting individuals, attackers are now almost entirely focused on companies and organizations – because there is more money to be made there.

In recent years, several large-scale ransomware attacks have also affected Swedish businesses, public services and citizens' everyday lives. The retail chain Coop was forced to close many stores for several days in the summer of 2021 after being hit by an attack. The Church of Sweden's IT system was down for weeks in the winter of 2023, which led to funerals having to be cancelled, and municipalities and regions have been repeatedly targeted.

In January this year, a ransomware-attack room against a large Nordic IT provider which disrupted the operations of many of the company's customers.

It's the 35th anniversary of ransomware - let's talk about the major shifts and changes

The first “modern” large-scale ransomware attack can be traced 20 years ago, in December 2004, Russian individuals received an email with what was said to be a job offer but instead contained malicious software that encrypted the computer's system files.

Although criminal activity has become more professional, and criminals today work more organized and use cryptocurrencies to stay hidden from authorities, the methodology and lures are still similar to those used at the beginning of the ransomware story.

“People are people and cybercriminals "Over the years, they have been incredibly skilled at getting victims to click on something they shouldn't have clicked on, exploiting world events, celebrities and our fears and hopes. In many high-profile cases, the attack has been preceded by extensive research work where individuals have been mapped based on their presence on social media. Here, the rapid development of AI and 'deepfake technology' makes it even easier to quickly and easily produce more credible and personalized decoys," says Henrik Bergqvist.

As ransomware technology evolves, so do countermeasures. New and improved security systems – AI-enhanced too those – which shorten the time to detection, and more resilient IT systems that can limit damage, mean that many attacks do not achieve their goals.

Law enforcement, intelligence agencies and police have a well-functioning international collaboration to track down and dismantle the most prominent cybercriminal groups. But to ensure that ransomware is not still an issue that is still being debated in 35 years, continued hard work is needed.

"There is no 'quick fix', but you have to gradually work on many levels to make ransomware less attractive. Become faster at updating vulnerable software, get better at back-up, and be more open and transparent when you are attacked. The dark figures surrounding ransomware are still too large and the more information there is, the smarter and more powerful you can act and the easier it will be to increase awareness and knowledge," says Henrik Bergqvist.

Stay up to date with the most important news

By pressing the Subscribe button, you confirm that you have read and agree to our privacy policy and terms of use
  • Maciek Szczesniak featured on IT-Branschen Wire Channel Magic Chats podcast banner
    Maciek Szczesniak appears on IT-Branschen Wire Channel Magic Chats, discussing leadership, innovation, digital transformation, and business services.
    SPONSORED

  • Cybertech Europe 2026 cybersecurity conference in Rome with the IT industry as Official Media Partner
    Cybertech Europe 2026 is one of Europe's leading cybersecurity conferences, bringing together cybersecurity leaders, government officials, technology innovators, startups, investors, and enterprise decision-makers in Rome. The IT industry serves as an Official Media Partner, providing event coverage, executive interviews, industry insights, and cybersecurity news for Nordic and European audiences.
    ADVERTISEMENT

  • VORTIQ-X AI Governance helps companies transform AI into controllable and verifiable business value.
    VORTIQ-X is an AI Governance platform that helps organizations govern, verify, and create measurable business value from AI. The platform focuses on transparency, compliance, AI governance, and the effective use of AI in mission-critical processes.
    ADVERTISEMENT

  • The IT industry Nordic technology media platform covering cybersecurity, cloud, AI, digital transformation, channel, MSP and enterprise IT news
    The IT industry is a leading Nordic technology media platform covering cybersecurity news, artificial intelligence, cloud computing, enterprise IT, digital transformation, managed services, channel partners, software development, telecommunications, data centers, IT infrastructure, technology leadership, business innovation, and emerging technologies. Through executive interviews, industry analysis, event coverage, thought leadership, product launches, vendor updates, and market insights, the IT industry connects technology decision-makers, CIOs, CISOs, CTOs, IT managers, MSPs, resellers, distributors, technology vendors, startups, and enterprise organizations across Sweden, Norway, Denmark, Finland, and Europe. Coverage includes cybersecurity trends, AI adoption, cloud strategy, enterprise software, networking, digital infrastructure, sustainability, compliance, governance, risk management, automation, data analytics, and future technology developments.
    OWN CONTENT