Ransomware is a very old threat. It first occurred in 1989, when a malicious locker was distributed to people over a floppy disk. For many years, fake applications and fake screen lockers demanded payment in prepaid vouchers. While that endeavor was somewhat profitable, it never reached notable magnitude.

All that changed when cryptoransomware entered the playing field in 2013 with the emergence of Bitcoin. Cryptoransomware relied on cryptocurrency to fuel its development, distribution and deployment across the globe, gaining unprecedented momentum in no time.

By 2015, a single cryptoransomware gang, CryptoWall 3.0, had been tied to more than $325 million in losses from infected victims who ended up buying bitcoin and paying the criminals to get their data back. By 2016, ransomware was the malicious deliverable in up to 63 percent of spam emails sent worldwide.

By 2017, the world saw ransomware debilitate organizations, critical infrastructure and healthcare systems across the globe with new capabilities and flash distribution that leveraged nation-state-level tools.

Throughout all these attacks, the demands had one thing in common: Attackers wanted the ransom in bitcoin or another cryptocurrency, yet again tightening the link between cryptocurrency and illicit business.