Browse Definitions:
Definition

ransomware

Ransomware is malicious code that is used by cybercriminals to launch data kidnapping and lockscreen attacks. The motive for ransomware attacks is monetary, and unlike other types of attacks, the victim is usually notified that an exploit has occurred and is given instructions for how to recover from the attack. Payment is often demanded in virtual currency to protect the criminal’s identity.

Ransomware malware can be spread through malicious e-mail attachments, infected software apps, infected external storage devices and compromised websites. In a lockscreen attack, the malware may change the victim’s login credentials for a computing device; in a data kidnapping attack, the malware may encrypt files on the infected device as well as other connected network devices.

Ransomware kits on the deep web have allowed cybercriminals with little or no technical background to purchase inexpensive ransomware-as-a-service (RaaS) programs and launch attacks with very little effort. Attackers may use one of several different approaches to extort digital currency from their victims. For example:

  • The victim may receive a pop-up message or email warning that if the ransom is not paid by a certain date, the private key required to unlock the device or decrypt files will be destroyed.
  • The victim may be duped into believing he is the subject of an official inquiry. After being informed that unlicensed software or illegal web content has been found on his computer, the victim is given instructions for how to pay an electronic fine.
  • The attacker encrypts files on infected computed devices and makes money by selling a product that promises to help the victim unlock files and prevent future malware attacks.

To protect against ransomware attacks and other types of cyberextortion, experts urge users to backup computing devices on a regular basis and update software -- including anti-virus software -- on a regular basis. End users should beware of clicking on links in emails from strangers  or opening email attachments and victims should do all they can to avoid paying ransoms.

While ransomware attacks may be nearly impossible to stop, there are important data protection measures individuals and organizations can take to insure that damage is minimal and recovery is a quick as possible. Strategies include compartmentalizing authentication systems and domains, keeping up-to-date storage snapshots outside the main storage pool and enforcing hard limits on who can access data and when access is permitted.

See also: DoS extortion, cryptoperiod

This was last updated in April 2016

Continue Reading About ransomware

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Whats is the limit to privent to Ransomware for cisco iron port C380,c680,X1070 & M1070 models
Cancel

-ADS BY GOOGLE

File Extensions and File Formats

SearchCompliance

SearchSecurity

  • black hat

    Black hat refers to a hacker who breaks into a computer system or network with malicious intent.

  • copyright

    Copyright is a legal term describing ownership of control of the rights to the use and distribution of certain works of creative ...

  • keylogger (keystroke logger or system monitor)

    A keylogger, sometimes called a keystroke logger or system monitor, is a type of surveillance technology used to monitor and ...

SearchHealthIT

  • population health management (PHM)

    Population health management (PHM) is a discipline within the healthcare industry that studies and facilitates care delivery ...

  • ICD-10-PCS

    The International Classification of Diseases, 10th Revision, Procedure Coding System (ICD-10-PCS) is a U.S. cataloging system for...

  • U.S. National Library of Medicine (NLM)

    The U.S. National Library of Medicine (NLM) is the largest biomedical library in the world.

SearchDisasterRecovery

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • call tree

    A call tree -- sometimes referred to as a phone tree -- is a telecommunications chain for notifying specific individuals of an ...

  • mass notification system (MNS)

    A mass notification system is a platform that sends one-way messages to inform employees and the public of an emergency.

SearchStorage

  • open source storage

    Open source storage is data storage software developed in a public, collaborative manner that permits the free use, distribution ...

  • CompactFlash card (CF card)

    A CompactFlash card (CF card) is a memory card format developed by SanDisk in 1994 that uses flash memory technology to store ...

  • email archiving

    Email archiving (also spelled e-mail archiving) is a systematic approach to saving and protecting the data contained in email ...

SearchSolidStateStorage

  • RRAM or ReRAM (resistive RAM)

    RRAM or ReRAM (resistive random access memory) is a form of nonvolatile storage that operates by changing the resistance of a ...

  • JEDEC

    JEDEC is a global industry group that develops open standards for microelectronics.

  • M.2 SSD

    An M.2 SSD is a solid-state drive (SSD) that conforms to a computer industry specification written for internally mounted storage...

SearchCloudStorage

  • RESTful API

    A RESTful application program interface breaks down a transaction to create a series of small modules, each of which addresses an...

  • cloud storage infrastructure

    Cloud storage infrastructure is the hardware and software framework that supports the computing requirements of a private or ...

  • Zadara VPSA and ZIOS

    Zadara Storage provides block, file or object storage with varying levels of compute and capacity through its ZIOS and VPSA ...

Close