Back to Glossary

Ransomware

What Is Ransomware?

Ransomware is a type of malicious software (malware) that is designed to block access to a computer system or data until a ransom is paid. It is typically spread through phishing emails, malicious websites, or other online sources. Once installed, ransomware encrypts the user's data and locks them out of their system, preventing them from accessing their files or programs. The attacker then demands a ransom payment in exchange for the decryption key, which is necessary to regain access to the system and data. Ransomware attacks can be financially devastating for individuals and organizations, as they can result in the loss of important data and the disruption of business operations.

Description

Ransomware is a type of malicious software that blocks access to a computer system or data until a ransom is paid.

Usage and Examples

Ransomware is typically spread through phishing emails, malicious websites, or other online sources. Once installed, ransomware encrypts the user's data and locks them out of their system, preventing them from accessing their files or programs. The attacker then demands a ransom payment in exchange for the decryption key, which is necessary to regain access to the system and data. Ransomware attacks can be financially devastating for individuals and organizations, as they can result in the loss of important data and the disruption of business operations.

For example, in 2017, the WannaCry ransomware attack affected more than 200,000 computers in over 150 countries, resulting in billions of dollars in losses. In 2019, the Ryuk ransomware attack targeted more than 200 organizations, including hospitals, universities, and government agencies, resulting in millions of dollars in losses.

Access control

Advanced Persistent Threat

Application Penetration Testing

Attack Surface

BYOD

Botnet

Business Email Compromise (BEC)

CIS Controls

CIS RAM

COBIT

Cloud Security

Cloud computing

Cryptocurrency

Cryptojacking

Cyber Attack

Cyber Maturity Model Certification (CMMC)

Cyber Threat Intelligence

DDoS Attack

DMZ

Darknet

Data Breach

Data Loss Prevention

Declaration of Conformity

Encryption

Endpoint

Endpoint Detection and Response

Ethical Hacking Tools

FISMA

Firewall

GDPR

Gap analysis

HIPAA

Hacker

Hypervisor (VMM)

ISO 27001

Identification

Identity Theft

Incident Response

Infrastructure-as-a-Service (IaaS)

Initial Access Brokers

Internal Penetration Testing

Intrusion Prevention System (IPS)

Intrusion detection system (IDS)

Keyboard logger

MTTD and MTTR

Macro virus

Malicious Apps

Malware

Managed Detection and Response (MDR)

Multi-Factor Authentication (MFA)

NIST Cybersecurity Framework

Network Firewall

Network Penetration Testing

Network Security

Network Security Assessment

PCI DSS

Password

Password Cracking

Penetration Testing

Phishing

Platform-as-a-Service (PaaS)

Privilege Escalation

Proxy server

Ransomware

Ransomware-as-a-Service

Red Team Vs. Blue Team

Risk assessment

SIEM

Secure Shell (SSH)

Security Control

Security Information and Event management (SIEM)

Security Operations

Security Operations Center (SOC)

Security Orchestration Platform

Security Orchestration Tools

Security Perimeter

Security Policy

Session Hijacking

Shadow IT

Social Engineering

Spear Phishing

Spoofing

Spyware

Static Application Security Testing

Strategic Advisory

Supply Chain Attack

Threat & Vulnerability Management

Threat Actor

Threat Hunting

Threat Management

Trojan Horse

Two-Factor Authentication

UEBA

User Account

VPN

Vishing

Vulnerability Management Tools

Vulnerability Scanning

Whaling

Whitelisting

Previous term
No previous terms!
Next term
No next terms!
Ready to find more vulnerabilities than your last pentest?
Unlock your organization's full security potential and uncover even more vulnerabilities than before by choosing our advanced penetration testing services.
Get Started