A history of ransomware reveals how cybercriminals evolved from mailing infected floppy disks to running sophisticated billion-dollar criminal enterprises.

Join us and Dr. Mike Saylor, my co-author on "Learning Ransomware Response and Recovery," as we trace the complete evolution of ransomware from its humble beginnings to the threat it is today. This isn't just a timeline—it's the story of how technological advances and security oversights created opportunities that criminals exploited at every turn.

We start with the AIDS Trojan in 1989, delivered on 1.5 megabyte floppy disks and requiring physical distribution. From there, we explore how the internet changed everything, allowing attacks to scale globally. You'll learn about the wild west era of the late 1990s when IT teams focused on building systems without understanding how attackers operate, and how Y2K budget shifts inadvertently weakened security postures.

One of the most critical discussions in this episode is about how the transition from tape to disk backups created vulnerabilities that ransomware attackers now exploit first. When backups moved to disk, nobody built in the security hardening we desperately needed. That oversight is exactly why modern ransomware targets your backups before encrypting your production data.

We also cover the emergence of ransomware-as-a-service, which democratized cybercrime and let anyone become a ransomware operator. The introduction of cryptocurrency made anonymous payments possible, and attacks like WannaCry and NotPetya showed the world what happens when ransomware spreads like a worm. Then came double extortion—stealing your data before encrypting it—which changed the entire calculus of whether to pay ransoms.

Dr. Mike and I break down why having good backups is still critical even in the age of double extortion, and what you need to do to defend your backup systems. We talk about immutability, segmentation, encryption, and the mindset shift from "if" to "when" you get attacked.

If you're responsible for backup and recovery in your organization, understanding a history of ransomware isn't just interesting—it's necessary context for the decisions you need to make today.

Chapter Markers:
00:00:00 - Introduction
00:01:19 - Welcome and Guest Introduction
00:02:19 - Curtis's First Ransomware Memory
00:03:40 - The AIDS Trojan: First Ransomware (1989)
00:04:42 - The Wild West Era: Late 1990s Security
00:08:05 - Y2K and Budget Shifts
00:11:26 - The Transition from Tape to Disk Backups
00:15:45 - How Disk Backups Created Vulnerabilities
00:19:30 - The Rise of Cryptolocker and Bitcoin
00:23:15 - Ransomware as a Service Emerges
00:27:40 - WannaCry and NotPetya
00:31:20 - Double Extortion: The Game Changer
00:35:10 - Why Backups Still Matter
00:37:55 - Should You Just Pay the Ransom?
00:40:01 - Defending Your Backup System

While you're here, Here's some great episodes from this year:
https://www.youtube.com/watch?v=ZZGn5xlYTec
https://www.youtube.com/watch?v=nHz5hGZy0nY&t=2s
https://www.youtube.com/watch?v=ov834MWoBXg&t=2s

This YouTube channel is also available as an audio podcast!
https://www.backupwrapup.com

We also have a blog that I've been running for over 20 years!
https://www.backupcentral.com

I've also written four O'Reilly books! My latest:
https://www.amazon.com/Modern-Data-Protection-Recoverability-Workloads-ebook/dp/B093TQTBC3