Connect with us

Published

on

As the ransomware industry evolves, experts are predicting hackers will only continue to find more and more ways of using the technology to exploit businesses and individuals.

Seksan Mongkhonkhamsao | Moment | Getty Images

Ransomware is now a billion-dollar industry. But it wasn’t always that large — nor was it a prevalent cybersecurity risk like it is today.

Dating back to the 1980s, ransomware is a form of malware used by cybercriminals to lock files on a person’s computer and demand payment to unlock them.

The technology — which officially turned 35 on Dec. 12 — has come a long way, with criminals now able to spin up ransomware much faster and deploy it across multiple targets.

Cybercriminals raked in $1 billion of extorted cryptocurrency payments from ransomware victims in 2023 — a record high, according to data from blockchain analysis firm Chainalysis.

Experts expect ransomware to continue evolving, with modern-day cloud computing tech, artificial intelligence and geopolitics shaping the future.

How did ransomware come about?

The first event considered to be a ransomware attack happened in 1989.

A hacker physically mailed floppy disks claiming to contain software that could help determine whether someone was at risk of developing AIDs.

However, when installed, the software would hide directories and encrypt file names on people’s computers after they’d rebooted 90 times.

It would then display a ransom note requesting a cashier’s check to be sent to an address in Panama for a license to restore the files and directories.

The program became known by the cybersecurity community as the “AIDs Trojan.” 

“It was the first ransomware and it came from someone’s imagination. It wasn’t something that they’d read about or that had been researched,” Martin Lee, EMEA lead for Talos, the cyber threat intelligence division of IT equipment giant Cisco, told CNBC in an interview.

“Prior to that, it was just never discussed. There wasn’t even the theoretical concept of ransomware.”

The perpetrator, a Harvard-taught biologist named Joseph Popp, was caught and arrested. However, after displaying erratic behavior, he was found unfit to stand trial and returned to the United States.

How ransomware has developed

Since the AIDs Trojan emerged, ransomware has evolved a great deal. In 2004, a threat actor targeted Russian citizens with a criminal ransomware program known today as “GPCode.”

The program was delivered to people via email — an attack method today commonly known as “phishing.” Users, tempted with the promise of an attractive career offer, would download an attachment which contained malware disguising itself as a job application form.

Once opened, the attachment downloaded and installed malware on the victim’s computer, scanning the file system and encrypting files and demanding payment via wire transfer.

Then, in the early 2010s, ransomware hackers turned to crypto as a method of payment.

Ransomware attacks could get worse next year, says TrustedSec's David Kennedy

In 2013, only a few years after the creation of bitcoin, the CryptoLocker ransomware emerged.

Hackers targeting people with this program demanded payment in either bitcoin or prepaid cash vouchers — but it was an early example of how crypto became the currency of choice for ransomware attackers.

Later, more prominent examples of ransomware attacks that selected crypto as the ransom payment method of choice included the likes of WannaCry and Petya.

“Cryptocurrencies provide many advantages for the bad guys, precisely because it is a way of transferring value and money outside of the regulated banking system in a way that is anonymous and immutable,” Lee told CNBC. “If somebody’s paid you, that payment can’t be rolled back.”

CryptoLocker also became notorious in the cybersecurity community as one of the earliest examples of a “ransomware-as-a-service” operation — that is, a ransomware service sold by developers to more novice hackers for a fee to allow them to carry out attacks.

“In the early 2010s, we have this increase in professionalization,” Lee said, adding that the gang behind CryptoLocker were “very successful in operating the crime.”

What’s next for ransomware?

'Fully acceptable' now that you have to use AI in your cyber defense, Darktrace's Mike Beck says

Some experts worry AI has lowered the barrier to entry for criminals looking to create and use ransomware. Generative AI tools like OpenAI’s ChatGPT allow everyday internet users to insert text-based queries and requests and get sophisticated, humanlike answers in response — and many programmers are even using it to help them write code.

Mike Beck, chief information security officer of Darktrace, told CNBC’s “Squawk Box Europe” there’s a “huge opportunity” for AI — both in arming the cybercriminals and improving productivity and operations within cybersecurity companies.

“We have to arm ourselves with the same tools that the bad guys are using,” Beck said. “The bad guys are going to be using the same tooling that is being used alongside all that kind of change today.”

But Lee doesn’t think AI poses as severe a ransomware risk as many would think.

“There’s a lot of hypothesis about AI being very good for social engineering,” Lee told CNBC. “However, when you look at the attacks that are out there and clearly working, it tends to be the simplest ones that are so successful.”

Targeting cloud systems

A serious threat to watch out for in future could be hackers targeting cloud systems, which enable businesses to store data and host websites and apps remotely from far-flung data centers.

“We haven’t seen an awful lot of ransomware hitting cloud systems, and I think that’s likely to be the future as it progresses,” Lee said.

We could eventually see ransomware attacks that encrypt cloud assets or withhold access to them by changing credentials or using identity-based attacks to deny users access, according to Lee.

Geopolitics is also expected to play a key role in the way ransomware evolves in the years to come.

“Over the last 10 years, the distinction between criminal ransomware and nation-state attacks is becoming increasingly blurred, and ransomware is becoming a geopolitical weapon that can be used as a tool of geopolitics to disrupt organizations in countries perceived as hostile,” Lee said.

“I think we’re probably going to see more of that,” he added. “It’s fascinating to see how the criminal world could be co-opted by a nation state to do its bidding.”

Another risk Lee sees gaining traction is autonomously distributed ransomware.

“There is still scope for there to be more ransomwares out there that spread autonomously — perhaps not hitting everything in their path but limiting themselves to a specific domain or a specific organization,” he told CNBC.

Lee also expects ransomware-as-a-service to expand rapidly.

“I think we will increasingly see the ransomware ecosystem becoming increasingly professionalized, moving almost exclusively towards that ransomware-as-a-service model,” he said.

But even as the ways criminals use ransomware are set to evolve, the actual makeup of the technology isn’t expected to change too drastically in the coming years.

“Outside of RaaS providers and those leveraging stolen or procured toolchains, credentials and system access have proven to be effective,” Jake King, security lead at internet search firm Elastic, told CNBC.

“Until further roadblocks appear for adversaries, we will likely continue to observe the same patterns.”

Continue Reading

Technology

Apple’s China iPhone sales grows for the first time in two years

Published

on

By

Apple's China iPhone sales grows for the first time in two years

People stand in front of an Apple store in Beijing, China, on April 9, 2025.

Tingshu Wang | Reuters

Apple iPhone sales in China rose in the second quarter of the year for the first time in two years, Counterpoint Research said, as the tech giant looks to turnaround its business in one of its most critical markets.

Sales of iPhones in China jumped 8% year-on-year in the three months to the end of June, according to Counterpoint Research. It’s the first time Apple has recorded growth in China since the second quarter of 2023.

Apple’s performance was boosted by promotions in May as Chinese e-commerce firms discounted Apple’s iPhone 16 models, its latest devices, Counterpoint said. The tech giant also increased trade-in prices for some iPhone.

“Apple’s adjustment of iPhone prices in May was well timed and well received, coming a week ahead of the 618 shopping festival,” Ethan Qi, associate director at Counterpoint said in a press release. The 618 shopping festival happens in China every June and e-commerce retailers offer heavy discounts.

Apple’s return to growth in China will be welcomed by investors who have seen the company’s stock fall around 15% this year as it faces a number of headwinds.

U.S. President Donald Trump has threatened Apple with tariffs and urged CEO Tim Cook to manufacture iPhones in America, a move experts have said would be near-impossible. China has also been a headache for Apple since Huawei, whose smartphone business was crippled by U.S. sanctions, made a comeback in late 2023 with the release of a new phone containing a more advanced chip that many had thought would be difficult for China to produce.

Since then, Huawei has aggressively launched devices in China and has even begun dipping its toe back into international markets. The Chinese tech giant has found success eating away at some of Apple’s market share in China.

Huawei’s sales rose 12% year-on-year in the second-quarter, according to Counterpoint. The firm was the biggest player in China by market share in the second quarter, followed by Vivo and then Apple in third place.

“Huawei is still riding high on core user loyalty as they replace their old phones for new Huawei releases,” Counterpoint Senior Analyst Ivan Lam said.

Continue Reading

Technology

Like Google, China’s biggest search player Baidu is beefing up its product with AI to fight rivals

Published

on

By

Like Google, China's biggest search player Baidu is beefing up its product with AI to fight rivals

Pictured here is the Ernie bot mobile interface, with the Baidu search engine home page in the background.

Future Publishing | Future Publishing | Getty Images

Chinese tech giant Baidu has bolstered its core search platform with artificial intelligence in the biggest overhaul of the product in 10 years.

Analysts told CNBC the move was a bid to keep ahead of fast-moving rivals like DeepSeek, rather than traditional search players.

“There has been some small pressure on the search business but the focus on AI and Ernie Bot is a key move ahead,” Dan Ives, global head of tech research at Wedbush Securities, told CNBC by email. Ernie Bot is Baidu’s AI chatbot.

“Baidu is not waiting around to watch the paint dry, full steam ahead on AI,” he added.

Baidu AI overhaul

Baidu is China’s biggest search engine, but — as is also being seen by Google — the search market is being disrupted.

Users are flocking instead to AI services such as ChatGPT or DeepSeek, which shocked the world this year with its advanced model it claimed was created at a fraction of the cost of rivals.

But Kai Wang, Asia equity market strategist at Morningstar, also noted that short video platforms such as Douyin and Kuaishou are also getting into AI search and piling pressure on Baidu.

To counter this, Baidu made some major changes to its core search product:

  • Users can now enter more than a thousand characters in the search box, versus 28 previously;
  • Questions can be asked in a more direct and conversational manner, mirroring how people now use chatbots;
  • Users can ask questions through voice but also prompt the seach engine with pictures and files;
  • Baidu has integrated its AI chatbot features, which enable users to generate photos, text and videos, into the product.

“This is more aligned with how people use ChatGPT and DeepSeek in terms of how they look for answers,” Wang said.

Outside of China, Google has also been looking to enhance its core search product with AI, highlighting how search has been under pressure from the burgeoning technology.

Baidu on the offense

Baidu was one of China’s first movers when it came to AI, releasing its first models and ChatGPT-style product Ernie Bot to the public in 2023. Since then, it has aggressively launched updated AI models.

However, the Beijing-headquartered company has also faced intense competition from fellow tech giants like Alibaba and Tencent, as well as upstarts such as DeepSeek.

These companies have also been launching new models and infusing AI into their products and Baidu’s stock has fallen behind as a result. Baidu shares have risen around 2.5% this year, versus a 30.5% surge for Alibaba and a 20% rise for Tencent.

“This is a defensive and offensive move … Baidu needs to be aggressive and perception-wise show they are not the little brother to Tencent on the AI front,” Wedbush Securities’ Ives added.

Continue Reading

Technology

AI voice startup ElevenLabs pushes global expansion as it gears up for an IPO

Published

on

By

AI voice startup ElevenLabs pushes global expansion as it gears up for an IPO

Founded in 2022, ElevenLabs is an AI voice generation startup based in London. It competes with the likes of Speechmatics and Hume AI.

Sopa Images | Lightrocket | Getty Images

LONDON — ElevenLabs, a London-based startup that specializes in generating synthetic voices through artificial intelligence, has revealed plans to be IPO-ready within five years.

The company told CNBC it is targeting major global expansion as it prepares for an initial public offering.

“We expect to build more hubs in Europe, Asia and South America, and just keep scaling,” Mati Staniszewski, ElevenLabs’ CEO and co-founder, told CNBC in an interview at the firm’s London office.

He identified Paris, Singapore, Brazil and Mexico as potential new locations. London is currently ElevenLabs’ biggest office, followed by New York, Warsaw, San Francisco, Japan, India and Bangalore.

Staniszewski said the eventual aim is to get the company ready for an IPO in the next five years.

“From a commercial standpoint, we would like to be ready for an IPO in that time,” he said. “If the market is right, we would like to create a public company … that’s going to be here for the next generation.”

Undecided on location

Fundraising plans

ElevenLabs was valued at $3.3 billion following a recent $180 million funding round. The company is backed by the likes of Andreessen Horowitz, Sequoia Capital and ICONIQ Growth, as well as corporate names like Salesforce and Deutsche Telekom.

Staniszewski said his startup was open to raising more money from VCs, but it would depend on whether it sees a valid business need, like scaling further in other markets. “The way we try to raise is very much like, if there’s a bet we want to take, to accelerate that bet [we will] take the money,” he said.

Continue Reading

Trending