Technology
AI Analysis
We Know You Can Pay a Million by Anja Shortland review – the terrifying new world of ransomware
AI
AI Legal Analyst
Summary
One day a cyber-attack could bring an entire economy to a pandemic-like standstill. Photograph: Yifei Fang/Getty Images View image in fullscreen One day a cyber-attack could bring an entire economy to a pandemic-like standstill. A ransomware attack is a form of cybercrime in which hackers use malware to encrypt data and charge the targets a fee to receive a decryption key. Shortland invokes Covid in another sense: one day a cyber-attack could bring an entire economy to a pandemic-like standstill, so we had better be ready.
## Summary
One day a cyber-attack could bring an entire economy to a pandemic-like standstill. Photograph: Yifei Fang/Getty Images View image in fullscreen One day a cyber-attack could bring an entire economy to a pandemic-like standstill. A ransomware attack is a form of cybercrime in which hackers use malware to encrypt data and charge the targets a fee to receive a decryption key. Shortland invokes Covid in another sense: one day a cyber-attack could bring an entire economy to a pandemic-like standstill, so we had better be ready.
## Article Content
One day a cyber-attack could bring an entire economy to a pandemic-like standstill.
Photograph: Yifei Fang/Getty Images
View image in fullscreen
One day a cyber-attack could bring an entire economy to a pandemic-like standstill.
Photograph: Yifei Fang/Getty Images
Review
We Know You Can Pay a Million by Anja Shortland review – the terrifying new world of ransomware
Criminals extorting money online have created huge businesses, complete with branding and HR
T
he birth of ransomware was a stunt that got out of hand. In 1989, an evolutionary biologist called Joseph L Popp Jr was working part time for the World Health Organisation on the Aids epidemic. He was a difficult man. When he was denied a permanent job, he decided to punish his peers while shocking them into acknowledging another kind of infection: the computer virus.
Popp wrote a questionnaire promising to help minimise the risk of contracting HIV, duplicated it on to 20,000 floppy discs, and sent them to researchers in 90 countries. Each disc contained a Trojan virus. Once it was inserted, a malware timebomb eventually made the computer unusable until the user paid a “licence fee” of $189 to a PO box in Panama. Popp’s primitive “Aids Trojan” was quickly identified and he was arrested for blackmail. Intending to make a point rather than a profit, he was mortified to learn that some of his targets had overreacted by wiping their hard drives: one Italian Aids organisation lost a decade’s worth of vital data. Popp experienced a psychological collapse and was deemed unfit to stand trial. The criminals who developed his crude innovation into a global business would not be so scrupulous.
A ransomware attack is a form of cybercrime in which hackers use malware to encrypt data and charge the targets a fee to receive a decryption key. Increasingly, the hackers also steal sensitive data and threaten to auction it on the dark web: “double extortion”. It is a remarkably inefficient form of crime, like trashing an entire car to steal a pair of sunglasses. According to Anja Shortland, a professor of political economy at King’s College London and expert in the economics of crime, the hackers reap only around $1bn a year but cost their victims, in 2025, an estimated $57bn.
The disproportionate consequences of refusing to pay create a collective action problem by incentivising compliance. It’s much quicker and cheaper to cough up and minimise disruption than to hold out and suck up the damage. The British Library, for example, was
hacked in October 2023
and is still not back to normal. But every ransom paid inspires further attacks. There is a psychological cost, too. One man whose computer company was almost destroyed by a hack compared the experience to “suffocating, drowning – or both at the same time”.
Computer scientists Adam L Young and Moti Yung first
mapped out the potential
of ransomware in 1996, comparing it to the face huggers in Alien: the virus could not be removed without killing the host. But for many years, technological limitations made it unrewarding, especially when it came to trading in stolen data. One reformed cybercriminal likened trying to sell a major cache to “offering a 747 for sale at a flea market”. Three breakthroughs were required to turn ransomware into a thriving industry: untraceable communications (the TOR protocol), a decentralised currency (bitcoin) and asymmetric encryption, which generates a unique encryption key for each infected computer. By 2013, Shortland writes, “all the preconditions for large-scale, profitable ransomware campaigns were in place”.
Shortland’s book lacks the narrative verve of Scott J Shapiro’s 2023 history of hacking, Fancy Bear Goes Phishing. Her mission is to explain more than to entertain. But she still manages to paint a fascinating picture of a fast-evolving criminal industry. Ambitious hackers build ransomware brands, sharing their top-of-the-range software with affiliates who do the dirty work of extortion. Establishing trust among thieves is essential, if short-lived. The major brands have salaried employees, help desks and even human resources departments. “Criminal HR is a fast-moving, high-stakes job,” Shortland writes. I’ll bet it is.
Job security isn’t great in this business. Whether due to internal fractures or heat from law enforcement, operations routinely shut down and reopen under new guises. According to Shortland, the cyber-attack that paralysed much of Costa Rica’s economy in 2022 at a cost of half a billion dollars was probably a marketing exercise by a collapsing brand called Conti, to create the illusion that it was healthier than it was. The Costa Ricans were collateral damage. With similar ruthlessness, healthcare systems are popular targets. In such cases, ransomware is not just an economic crime but a lethal one.
Ransomware does not, therefore, attract colourful, lovable rogues. LockBitSupp, which unsuccessfully demanded $80m from Royal Mail in 2023, was revealed to be Russian nat
---
## Expert Analysis
### Merits
- Popp wrote a questionnaire promising to help minimise the risk of contracting HIV, duplicated it on to 20,000 floppy discs, and sent them to researchers in 90 countries.
- The criminals who developed his crude innovation into a global business would not be so scrupulous.
### Areas for Consideration
- He was a difficult man.
- Popp wrote a questionnaire promising to help minimise the risk of contracting HIV, duplicated it on to 20,000 floppy discs, and sent them to researchers in 90 countries.
- The disproportionate consequences of refusing to pay create a collective action problem by incentivising compliance.
### Implications
- One day a cyber-attack could bring an entire economy to a pandemic-like standstill.
- Photograph: Yifei Fang/Getty Images View image in fullscreen One day a cyber-attack could bring an entire economy to a pandemic-like standstill.
- Computer scientists Adam L Young and Moti Yung first mapped out the potential of ransomware in 1996, comparing it to the face huggers in Alien: the virus could not be removed without killing the host.
- Shortland invokes Covid in another sense: one day a cyber-attack could bring an entire economy to a pandemic-like standstill, so we had better be ready.
### Expert Commentary
This article covers ransomware, shortland, cyber topics. Notable strengths include discussion of ransomware. Areas of concern are also raised. Readability: Flesch-Kincaid grade 0.0. Word count: 1100.
One day a cyber-attack could bring an entire economy to a pandemic-like standstill. Photograph: Yifei Fang/Getty Images View image in fullscreen One day a cyber-attack could bring an entire economy to a pandemic-like standstill. A ransomware attack is a form of cybercrime in which hackers use malware to encrypt data and charge the targets a fee to receive a decryption key. Shortland invokes Covid in another sense: one day a cyber-attack could bring an entire economy to a pandemic-like standstill, so we had better be ready.
## Article Content
One day a cyber-attack could bring an entire economy to a pandemic-like standstill.
Photograph: Yifei Fang/Getty Images
View image in fullscreen
One day a cyber-attack could bring an entire economy to a pandemic-like standstill.
Photograph: Yifei Fang/Getty Images
Review
We Know You Can Pay a Million by Anja Shortland review – the terrifying new world of ransomware
Criminals extorting money online have created huge businesses, complete with branding and HR
T
he birth of ransomware was a stunt that got out of hand. In 1989, an evolutionary biologist called Joseph L Popp Jr was working part time for the World Health Organisation on the Aids epidemic. He was a difficult man. When he was denied a permanent job, he decided to punish his peers while shocking them into acknowledging another kind of infection: the computer virus.
Popp wrote a questionnaire promising to help minimise the risk of contracting HIV, duplicated it on to 20,000 floppy discs, and sent them to researchers in 90 countries. Each disc contained a Trojan virus. Once it was inserted, a malware timebomb eventually made the computer unusable until the user paid a “licence fee” of $189 to a PO box in Panama. Popp’s primitive “Aids Trojan” was quickly identified and he was arrested for blackmail. Intending to make a point rather than a profit, he was mortified to learn that some of his targets had overreacted by wiping their hard drives: one Italian Aids organisation lost a decade’s worth of vital data. Popp experienced a psychological collapse and was deemed unfit to stand trial. The criminals who developed his crude innovation into a global business would not be so scrupulous.
A ransomware attack is a form of cybercrime in which hackers use malware to encrypt data and charge the targets a fee to receive a decryption key. Increasingly, the hackers also steal sensitive data and threaten to auction it on the dark web: “double extortion”. It is a remarkably inefficient form of crime, like trashing an entire car to steal a pair of sunglasses. According to Anja Shortland, a professor of political economy at King’s College London and expert in the economics of crime, the hackers reap only around $1bn a year but cost their victims, in 2025, an estimated $57bn.
The disproportionate consequences of refusing to pay create a collective action problem by incentivising compliance. It’s much quicker and cheaper to cough up and minimise disruption than to hold out and suck up the damage. The British Library, for example, was
hacked in October 2023
and is still not back to normal. But every ransom paid inspires further attacks. There is a psychological cost, too. One man whose computer company was almost destroyed by a hack compared the experience to “suffocating, drowning – or both at the same time”.
Computer scientists Adam L Young and Moti Yung first
mapped out the potential
of ransomware in 1996, comparing it to the face huggers in Alien: the virus could not be removed without killing the host. But for many years, technological limitations made it unrewarding, especially when it came to trading in stolen data. One reformed cybercriminal likened trying to sell a major cache to “offering a 747 for sale at a flea market”. Three breakthroughs were required to turn ransomware into a thriving industry: untraceable communications (the TOR protocol), a decentralised currency (bitcoin) and asymmetric encryption, which generates a unique encryption key for each infected computer. By 2013, Shortland writes, “all the preconditions for large-scale, profitable ransomware campaigns were in place”.
Shortland’s book lacks the narrative verve of Scott J Shapiro’s 2023 history of hacking, Fancy Bear Goes Phishing. Her mission is to explain more than to entertain. But she still manages to paint a fascinating picture of a fast-evolving criminal industry. Ambitious hackers build ransomware brands, sharing their top-of-the-range software with affiliates who do the dirty work of extortion. Establishing trust among thieves is essential, if short-lived. The major brands have salaried employees, help desks and even human resources departments. “Criminal HR is a fast-moving, high-stakes job,” Shortland writes. I’ll bet it is.
Job security isn’t great in this business. Whether due to internal fractures or heat from law enforcement, operations routinely shut down and reopen under new guises. According to Shortland, the cyber-attack that paralysed much of Costa Rica’s economy in 2022 at a cost of half a billion dollars was probably a marketing exercise by a collapsing brand called Conti, to create the illusion that it was healthier than it was. The Costa Ricans were collateral damage. With similar ruthlessness, healthcare systems are popular targets. In such cases, ransomware is not just an economic crime but a lethal one.
Ransomware does not, therefore, attract colourful, lovable rogues. LockBitSupp, which unsuccessfully demanded $80m from Royal Mail in 2023, was revealed to be Russian nat
---
## Expert Analysis
### Merits
- Popp wrote a questionnaire promising to help minimise the risk of contracting HIV, duplicated it on to 20,000 floppy discs, and sent them to researchers in 90 countries.
- The criminals who developed his crude innovation into a global business would not be so scrupulous.
### Areas for Consideration
- He was a difficult man.
- Popp wrote a questionnaire promising to help minimise the risk of contracting HIV, duplicated it on to 20,000 floppy discs, and sent them to researchers in 90 countries.
- The disproportionate consequences of refusing to pay create a collective action problem by incentivising compliance.
### Implications
- One day a cyber-attack could bring an entire economy to a pandemic-like standstill.
- Photograph: Yifei Fang/Getty Images View image in fullscreen One day a cyber-attack could bring an entire economy to a pandemic-like standstill.
- Computer scientists Adam L Young and Moti Yung first mapped out the potential of ransomware in 1996, comparing it to the face huggers in Alien: the virus could not be removed without killing the host.
- Shortland invokes Covid in another sense: one day a cyber-attack could bring an entire economy to a pandemic-like standstill, so we had better be ready.
### Expert Commentary
This article covers ransomware, shortland, cyber topics. Notable strengths include discussion of ransomware. Areas of concern are also raised. Readability: Flesch-Kincaid grade 0.0. Word count: 1100.
ransomware
shortland
cyber
attack
economy
computer
data
entire
Related Articles
Rhythm Heaven Groove comes to Switch on July 2
1 day, 15 hours ago
Roku will stream Savannah Bananas games, along with the entire Banana Ball...
1 day, 15 hours ago
The best Android tablets of 2026: Lab tested, expert recommended
1 day, 15 hours ago
The best dedicated web hosting of 2026: Expert tested and reviewed
1 day, 15 hours ago
