What Is Ransomware?

Table of Contents

Ransomware is a type of cyberattack that holds computer files or systems hostage until a ransom is paid. The ransomware malware encrypts the targeted organization’s data, making it inaccessible, and then displays a message demanding payment to decrypt the data. Ransomware has become an increasingly common threat in recent years, with several high-profile attacks causing massive damage. In this article, we will take a closer look at what ransomware is, how it works, what are some of its well-known attacks and types, and how to protect against them.

What is ransomware?

Ransomware is a type of malware that encrypts the targeted organization’s data, making it inaccessible, and then displays a message demanding payment to decrypt the data. The ransomware attack usually starts with a phishing email that tricks the user into clicking on a malicious link or attachment. Once the ransomware is installed on the targeted organization’s computers, it will start encrypting the files and folders on the hard drive. The ransomware will then display a message demanding a ransom to be paid to decrypt the data.

How does a ransomware attack work?

A ransomware attack typically unfolds as follows:

  • The attacker will send a phishing email to the targeted organization that contains a malicious link or attachment.
  • When the targeted user clicks on the link or opens the attachment, the ransomware will be installed on their computers.
  • Once installed, the ransomware will start encrypting files and folders on the hard drive.
  • The ransomware will then display a message demanding a ransom to be paid to decrypt the data.
  • If the ransom is not paid, the attacker may threaten to delete the encrypted data or release it publicly.

What are some of the most well-known ransomware attacks?

There have been several high-profile ransomware attacks in recent years that have caused massive damage, include the following:

WannaCry

In May 2017, the WannaCry ransomware attack infected more than 230,000 computers in 150 countries and caused billions of dollars in damage. The WannaCry ransomware encrypted files on the targeted user’s computer and demanded a ransom of $300 in Bitcoins.

Petya/NotPetya

In June 2017, the Petya ransomware attack hit computers in Ukraine and spread to other countries, causing billions of dollars in damage. The ransomware encrypted the targeted users’ hard drives and demanded a ransom of $300 in Bitcoins.

Locky

In February 2016, the Locky ransomware attack hit more than 100,000 computers in over 100 countries. The ransomware encrypted files on the targeted users’ computers and demanded a ransom of 0.25 Bitcoin.

What are some of the most popular types of ransomware attacks?

Ransomware attacks have grown into several popular types, among which are the following:

Crypto ransomware

Crypto ransomware is the most common type of ransomware attack. This type of ransomware encrypts the targeted users’ data, making it inaccessible, and then displays a message demanding payment to decrypt the data.

Locker ransomware

Locker ransomware is a type of ransomware that locks the targeted user’s computer and prevents them from accessing it. This type of ransomware usually does not encrypt the targeted system’s data, although some variants may encrypt the system’s files.

Scareware

Scareware is a type of ransomware that tries to scare the targeted user into paying the ransom. This type of ransomware usually displays a fake message that pretends to be from a law enforcement agency or another organization.

Ransomware-as-a-Service (RaaS)

Ransomware-as-a-Service (RaaS) is a type of ransomware that allows anyone to create their ransomware attack and distribute it to the targeted organizations’ systems. This type of ransomware is usually distributed through malicious email attachments or links.

Doxware or leakware

Doxware or leakware is a type of ransomware that threatens to release the targeted organization’s sensitive data if the ransom is not paid. This type of ransomware usually targets businesses and individuals who have sensitive data that would be damaging if it were released publicly.

How to protect against ransomware attacks?

There are several measures you can take to protect your organization against ransomware attacks, including the following:

  • Keep your operating systems and software up-to-date: Outdated software can provide ransomware attackers with a way into your computer.
  • Install anti-malware software: Anti-malware software can help detect and remove ransomware from your computers.
  • Back up your data: Regularly backing up your data at an offsite location can help you recover your files if they are encrypted by ransomware.
  • Be cautious of email attachments: Email attachments are one of the most common ways that ransomware is spread. Be cautious of email attachments, even if they appear to be from a trusted source.
  • Use two-factor authentication and robust passwords: Implementing two-factor authentication and using strong and unique passwords can help prevent any of your systems from being compromised.
  • Never pay the ransom: Even if you pay the ransomware, there is no guarantee that you will get your data back.
  • Report the attack: If your organization has been targeted by a ransomware attack, you should report it to the authorities.
  • Stay up-to-date on the latest ransomware threats: Ransomware attacks are becoming more sophisticated and popular, namely through its Ransomware-as-a-Service (RaaS) business model.

Wrapping up

Ransomware attacks have become a growing cause of concern for many organizations. The rapid rise of Ransomware-as-a-Service (RaaS) has made ransomware attacks more accessible and easier to carry out, resulting in a major surge in ransomware attacks. Our other article How to prevent a ransomware attack includes other measures not mentioned here. One of them is a ransomware readiness audit assessment, specifically designed to fix any of your existing system vulnerabilities to a ransomware attack.

Contact us if you need help with testing and improving your network security.

Share this article on social media:

Subscribe to Our Newsletter!
Stay on top of cybersecurity risks, evolving threats and industry news.

Recent Blog Posts

Categories

Featured Services

The Latest Blog Articles From Vumetric

From industry trends,  to recommended best practices, read it here first:

Tell us about your needs.
Get an answer the same business day.

Tell us about your needs.
Get an answer the same business day.

Fill out the form below and get an answer from our experts within 1 business day.

Got an urgent request? Call us at 1-877-805-7475 or Book a meeting.

PCI-DSS

What happens next:

  • We reach out to learn about your objectives
  • We work together to define your project's scope
  • You get an all-inclusive, no engagement proposal

This field is for validation purposes and should be left unchanged.
Scroll to Top

BOOK A MEETING

Enter Your
Corporate Email

This site is registered on wpml.org as a development site.