Not so long ago, stories about powerful computer viruses apparently spreading around the world and threatening to bring modern life to a halt regularly filled the news. These days, cybercrime rarely makes the headlines, and most of us have become inured to warnings that our passwords have been found in a data leak. Yet cybercrime is a bigger business today than ever, and the National Crime Agency warns that ransomware – whereby hackers install viruses that encrypt victims’ data until they pay up – really could damage the country.

How we got here, and what we can do about it, are the subject of this highly readable and impressively researched book by Anja Shortland, a professor at King’s College London and a world expert on economic crime. She traces the origins of cybercrime back to the days when ‘hackers’ were merely anarchic computer enthusiasts who entertained themselves by breaking into university and company networks. They included Apple founders Steve Jobs and Steve Wozniak, whose ascent to the top of the Silicon Valley elite began with a ‘little blue box’ that hacked the telephone system, enabling users to make free calls.

Jobs and Wozniak may have subsequently gone legit, but for many early computer whizzes who did not enjoy the good fortune of being born on the west coast of the United States – not least in former Soviet states such as Russia and Ukraine – the lure of cybercrime was harder to resist. Early scams included stealing bank and credit card details to buy goods, or hacking into company websites (which were typically riddled with security flaws) and demanding payment for ‘security advice’ under threat of inflicting damage to their systems.

But these early attempts at ransomware were fairly rudimentary. One problem facing the aspiring cyber-­extortionist was that the location of their servers could be traced via their IP address – a real problem for Western hackers. Another was that their scams might only work a few times before tech companies or law enforcement agencies cracked their codes, enabling them to send the necessary decryption key to victims or issue security patches. But perhaps the biggest problem for hackers was finding a secure way to receive payment.

A series of innovations enabled cybercriminals to overcome these obstacles. The first, ironically, came via the US security services, which wanted their own means of secret communication. The result was ‘The Onion Router’, an internet protocol that conceals the identities of users of the dark web, the part of the internet invisible to search engines. The second was ‘asymmetric encryption’, whereby viruses would constantly mutate, each mutation generating its own unique recovery key that victims would have to buy. The third, of course, was Bitcoin: digital money that could be sent around the world outside the banking system.

These innovations have turned ransomware into a sophisticated industry. Crime gangs effectively sell licences to their ransomware products to ‘affiliates’, who hack into company systems, plant the virus and share in the proceeds of any ransoms. Part of the reason this business model is startlingly successful is that it very often makes sense for a firm to pay up: between a quarter and a third of company directors do so, given the cost of being shut out of their systems for days or weeks. Insurers often insist on it.

What has also worked in the hackers’ favour is the willingness of some countries to turn a blind eye to their activities. Russia’s spy agencies, for example, value the access to foreign companies’ computer networks and secrets that cybercriminals provide. Since a crime needs to have been committed in Russia or against Russian citizens or interests to be considered illegal there, careful hackers can evade sanction by sticking to extorting foreigners. It is extremely rare that international law enforcement agencies succeed in identifying the criminals at all.

More than half of enterprises in the Americas, Europe and Asia-Pacific with sales exceeding $10 million experienced a ransomware attack in 2024, according to a global survey that year. The median ransom payment was $2 million. Ransomware gangs have jointly raked in over $1 billion in revenues a year since 2020, but the true cost to the global economy – which includes responding to attacks and reconstruction – was estimated at around $57 billion for 2025 and is predicted to rise to over $200 billion by 2030.

Nonetheless, the real danger lies in a hostile state exploiting ransomware to threaten another country’s critical infrastructure. To see what might be at stake, look no further than Costa Rica, which suffered a devastating ransomware attack in 2022 targeting the Ministry of Finance. That led to the complete paralysis of the country’s international trade, with food perishing at the docks, commercial chaos and unpaid salaries. In that case, the crisis was caused by the outgoing government’s refusal to pay the $10 million ransom demand – but the incoming government had to declare a national emergency.

So far, Russia, North Korea and other state sponsors of ransomware gangs have seemingly refrained from weaponising these capabilities. But Shortland points to leaked documents showing that the Kremlin is actively planning for cyberwar. Imagine the damage that could be done if a hostile state tampered with nuclear power stations or air traffic control systems. ‘We … live with a previously unimaginable level of catastrophic risk, to which many of us are mostly blind or indifferent,’ she warns. Perhaps this sobering book will open our eyes before it is too late.