Ransomware
Definition
Ransomware is a type of malicious software that encrypts a victim’s data and demands payment in exchange for restoring access.
Examples
- A hospital’s patient records are encrypted by ransomware, and the attackers demand payment in cryptocurrency.
- An employee unknowingly downloads a malicious attachment, triggering a ransomware infection that spreads across the corporate network.
Overview
Ransomware is a form of malware that locks or encrypts a victim’s files, rendering them inaccessible. The attacker then demands a ransom — usually in cryptocurrency — in exchange for a decryption key. If the ransom isn’t paid, the data may remain locked, be deleted, or even leaked to the public. Ransomware attacks have become one of the most disruptive threats facing businesses, governments, schools, and healthcare providers.
Originally, ransomware focused on single users and small payments. Today, attacks have evolved into targeted campaigns against large organizations, where attackers demand millions and often exfiltrate data before encrypting it, increasing pressure on victims to comply.
Tip: The interactive version includes progress tracking, decks, and premium deep dives.