What is ransomware?
We have all heard about ransomware in the news. But do you know what ransomware really is? Ransomware is a form of malware that encrypts data or locks up systems until the victim pays a ransom.
How does it work?
It should come as no surprise that most ransomware attacks begin with a phishing email when someone clicks on a link or downloads an attachment. That simple action launches the malware, which immediately seeks out specific files and encrypts them without making its presence known. Then a ransom note is displayed on the victim’s computer explaining what happened, how much the victim must pay to receive the decryption keys to unlock their data, and may offer to decrypt a few files for free to prove that the keys work.
Attackers give the victims a short timeframe in which they must pay. Failure to meet it will either result in the ransom demands increasing in price, or the decryption keys being destroyed forever. All of this adds up to a difficult choice for the victim:
Pay the ransom, which is often extremely expensive, or
Attempt to recover without paying the ransom, which is extremely time-consuming and often futile.