Part of the Application security glossary:

Ransomware is malware for data kidnapping, an exploit in which the attacker encrypts the victim's data and demands payment for the decryption key

Ransomware spreads through e-mail attachments, infected programs and compromised websites. A ransomware malware program may also be called a cryptovirus, cryptotrojan or cryptoworm.

Attackers may use one of several different approaches to extort money from their victims:

  • After a victim discovers he cannot open a file, he receives an email ransom note demanding a relatively small amount of money in exchange for a private key. The attacker warns that if the ransom is not paid by a certain date, the private key will be destroyed and the data will be lost forever.
  • The victim is duped into believing he is the subject of an police inquiry. After being informed that unlicensed software or illegal web content has been found on his computer, the victim is given instructions for how to pay an electronic fine.
  • The malware surreptitiously encrypts the victim's data but does nothing else. In this approach, the data kidnapper anticipates that the victim will look on the Internet for how to fix the problem and makes money by selling anti-ransomware software on legitimate websites.

To protect against data kidnapping, experts urge that users backup data on a regular basis. If an attack occurs, do not pay a ransom. Instead, wipe the disk drive clean and restore data from the backup.
See also: cyberextortion, DoS extortion, cryptoperiod

This was last updated in June 2014
Posted by: Margaret Rouse

Related Terms

Definitions

Glossaries

  • Application security

    - Terms related to application security, including procedural definitions for preventing software vulnerabilities and words and phrases about secure code development.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question About ransomwarePowered by ITKnowledgeExchange.com

Get answers from your peers on your most technical challenges

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.